libmongocrypt-helper 1.12.0.0.1001 → 1.14.0.0.1001

data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking.c

@@ -14,12 +14,14 @@
  * limitations under the License.
  */
 
+#include "bson/bson.h"
 #include "mc-fle-blob-subtype-private.h"
 #include "mc-fle2-encryption-placeholder-private.h"
 #include "mc-fle2-find-equality-payload-private-v2.h"
 #include "mc-fle2-find-equality-payload-private.h"
 #include "mc-fle2-find-range-payload-private-v2.h"
 #include "mc-fle2-find-range-payload-private.h"
+#include "mc-fle2-find-text-payload-private.h"
 #include "mc-fle2-insert-update-payload-private-v2.h"
 #include "mc-fle2-insert-update-payload-private.h"
 #include "mc-fle2-payload-uev-private.h"
@@ -28,6 +30,8 @@
 #include "mc-range-edge-generation-private.h"
 #include "mc-range-encoding-private.h"
 #include "mc-range-mincover-private.h"
+#include "mc-str-encode-string-sets-private.h"
+#include "mc-text-search-str-encode-private.h"
 #include "mc-tokens-private.h"
 #include "mongocrypt-buffer-private.h"
 #include "mongocrypt-ciphertext-private.h"
@@ -62,7 +66,7 @@ _mongocrypt_marking_parse_fle1_placeholder(const bson_t *in, _mongocrypt_marking
         BSON_ASSERT(field);
         if (0 == strcmp("ki", field)) {
             has_ki = true;
-            if (!_mongocrypt_buffer_from_uuid_iter(&out->key_id, &iter)) {
+            if (!_mongocrypt_buffer_from_uuid_iter(&out->u.fle1.key_id, &iter)) {
                 CLIENT_ERR("key id must be a UUID");
                 return false;
             }
@@ -82,14 +86,14 @@ _mongocrypt_marking_parse_fle1_placeholder(const bson_t *in, _mongocrypt_marking
             }
             /* CDRIVER-3100 We must make a copy of this value; the result of
              * bson_iter_value is ephemeral. */
-            bson_value_copy(value, &out->key_alt_name);
+            bson_value_copy(value, &out->u.fle1.key_alt_name);
             out->type = MONGOCRYPT_MARKING_FLE1_BY_ALTNAME;
             continue;
         }
 
         if (0 == strcmp("v", field)) {
             has_v = true;
-            memcpy(&out->v_iter, &iter, sizeof(bson_iter_t));
+            memcpy(&out->u.fle1.v_iter, &iter, sizeof(bson_iter_t));
             continue;
         }
 
@@ -107,7 +111,7 @@ _mongocrypt_marking_parse_fle1_placeholder(const bson_t *in, _mongocrypt_marking
                 CLIENT_ERR("invalid algorithm value: %d", algorithm);
                 return false;
             }
-            out->algorithm = (mongocrypt_encryption_algorithm_t)algorithm;
+            out->u.fle1.algorithm = (mongocrypt_encryption_algorithm_t)algorithm;
             continue;
         }
 
@@ -144,7 +148,7 @@ _mongocrypt_marking_parse_fle2_placeholder(const bson_t *in, _mongocrypt_marking
     BSON_ASSERT_PARAM(out);
 
     out->type = MONGOCRYPT_MARKING_FLE2_ENCRYPTION;
-    return mc_FLE2EncryptionPlaceholder_parse(&out->fle2, in, status);
+    return mc_FLE2EncryptionPlaceholder_parse(&out->u.fle2, in, status);
 }
 
 bool _mongocrypt_marking_parse_unowned(const _mongocrypt_buffer_t *in,
@@ -188,13 +192,13 @@ void _mongocrypt_marking_cleanup(_mongocrypt_marking_t *marking) {
         return;
     }
     if (marking->type == MONGOCRYPT_MARKING_FLE2_ENCRYPTION) {
-        mc_FLE2EncryptionPlaceholder_cleanup(&marking->fle2);
+        mc_FLE2EncryptionPlaceholder_cleanup(&marking->u.fle2);
         return;
     }
 
     // else FLE1
-    _mongocrypt_buffer_cleanup(&marking->key_id);
-    bson_value_destroy(&marking->key_alt_name);
+    _mongocrypt_buffer_cleanup(&marking->u.fle1.key_id);
+    bson_value_destroy(&marking->u.fle1.key_alt_name);
 }
 
 /**
@@ -268,10 +272,139 @@ void _mongocrypt_marking_cleanup(_mongocrypt_marking_t *marking) {
 
 DERIVE_TOKEN_IMPL(EDC)
 DERIVE_TOKEN_IMPL(ESC)
-DERIVE_TOKEN_IMPL(ECC)
 
 #undef DERIVE_TOKEN_IMPL
 
+/**
+ * Calculates:
+ * E?CToken = HMAC(collectionLevel1Token, n)
+ * E?CText<T>Token = HMAC(E?CToken, t)
+ * E?CText<T>DerivedFromDataToken = HMAC(E?CText<T>Token, v)
+ * E?CText<T>DerivedFromDataTokenAndContentionFactorToken = HMAC(E?CText<T>DerivedFromDataToken, cf)
+ *
+ * E?C = EDC|ESC
+ * n = 1 for EDC, 2 for ESC
+ * <T> = Exact|Substring|Suffix|Prefix
+ * t = 1 for Exact, 2 for Substring, 3 for Suffix, 4 for Prefix
+ * cf = contentionFactor
+ *
+ * If {useContentionFactor} is False, E?CText<T>DerivedFromDataToken is saved to out, and
+ * {contentionFactor} is ignored.
+ * Otherwise, E?CText<T>DerivedFromDataTokenAndContentionFactorToken is saved to out.
+ * Note that {out} is initialized even on failure.
+ */
+#define DERIVE_TEXT_SEARCH_TOKEN_IMPL(Name, Type)                                                                      \
+    static bool _fle2_derive_##Name##Text##Type##_token(_mongocrypt_crypto_t *crypto,                                  \
+                                                        _mongocrypt_buffer_t *out,                                     \
+                                                        const mc_CollectionsLevel1Token_t *level1Token,                \
+                                                        const _mongocrypt_buffer_t *value,                             \
+                                                        bool useContentionFactor,                                      \
+                                                        int64_t contentionFactor,                                      \
+                                                        mongocrypt_status_t *status) {                                 \
+        BSON_ASSERT_PARAM(crypto);                                                                                     \
+        BSON_ASSERT_PARAM(out);                                                                                        \
+        BSON_ASSERT_PARAM(level1Token);                                                                                \
+        BSON_ASSERT_PARAM(value);                                                                                      \
+                                                                                                                       \
+        _mongocrypt_buffer_init(out);                                                                                  \
+                                                                                                                       \
+        mc_##Name##Token_t *token = mc_##Name##Token_new(crypto, level1Token, status);                                 \
+        if (!token) {                                                                                                  \
+            return false;                                                                                              \
+        }                                                                                                              \
+        mc_##Name##Text##Type##Token_t *textToken = mc_##Name##Text##Type##Token_new(crypto, token, status);           \
+        mc_##Name##Token_destroy(token);                                                                               \
+        if (!textToken) {                                                                                              \
+            return false;                                                                                              \
+        }                                                                                                              \
+        mc_##Name##Text##Type##DerivedFromDataToken_t *fromDataToken =                                                 \
+            mc_##Name##Text##Type##DerivedFromDataToken_new(crypto, textToken, value, status);                         \
+        mc_##Name##Text##Type##Token_destroy(textToken);                                                               \
+        if (!fromDataToken) {                                                                                          \
+            return false;                                                                                              \
+        }                                                                                                              \
+                                                                                                                       \
+        if (!useContentionFactor) {                                                                                    \
+            /* FindTextPayload uses *fromDataToken */                                                                  \
+            _mongocrypt_buffer_copy_to(mc_##Name##Text##Type##DerivedFromDataToken_get(fromDataToken), out);           \
+            mc_##Name##Text##Type##DerivedFromDataToken_destroy(fromDataToken);                                        \
+            return true;                                                                                               \
+        }                                                                                                              \
+                                                                                                                       \
+        BSON_ASSERT(contentionFactor >= 0);                                                                            \
+        /* InsertUpdatePayload continues through *fromDataTokenAndContentionFactor */                                  \
+        mc_##Name##Text##Type##DerivedFromDataTokenAndContentionFactorToken_t *fromDataAndContentionFactor =           \
+            mc_##Name##Text##Type##DerivedFromDataTokenAndContentionFactorToken_new(crypto,                            \
+                                                                                    fromDataToken,                     \
+                                                                                    (uint64_t)contentionFactor,        \
+                                                                                    status);                           \
+        mc_##Name##Text##Type##DerivedFromDataToken_destroy(fromDataToken);                                            \
+        if (!fromDataAndContentionFactor) {                                                                            \
+            return false;                                                                                              \
+        }                                                                                                              \
+        _mongocrypt_buffer_copy_to(                                                                                    \
+            mc_##Name##Text##Type##DerivedFromDataTokenAndContentionFactorToken_get(fromDataAndContentionFactor),      \
+            out);                                                                                                      \
+        mc_##Name##Text##Type##DerivedFromDataTokenAndContentionFactorToken_destroy(fromDataAndContentionFactor);      \
+        return true;                                                                                                   \
+    }
+
+DERIVE_TEXT_SEARCH_TOKEN_IMPL(EDC, Exact)
+DERIVE_TEXT_SEARCH_TOKEN_IMPL(ESC, Exact)
+DERIVE_TEXT_SEARCH_TOKEN_IMPL(EDC, Substring)
+DERIVE_TEXT_SEARCH_TOKEN_IMPL(ESC, Substring)
+DERIVE_TEXT_SEARCH_TOKEN_IMPL(EDC, Suffix)
+DERIVE_TEXT_SEARCH_TOKEN_IMPL(ESC, Suffix)
+DERIVE_TEXT_SEARCH_TOKEN_IMPL(EDC, Prefix)
+DERIVE_TEXT_SEARCH_TOKEN_IMPL(ESC, Prefix)
+#undef DERIVE_TEXT_SEARCH_TOKEN_IMPL
+
+/**
+ * Calculates:
+ * ServerText<T>Token = HMAC(collectionLevel1Token, t)
+ * ServerText<T>DerivedFromDataToken = HMAC(ServerText<T>Token, v)
+ *
+ * <T> = Exact|Substring|Suffix|Prefix
+ * t = 1 for Exact, 2 for Substring, 3 for Suffix, 4 for Prefix
+ *
+ * ServerText<T>DerivedFromDataToken is saved to out.
+ * Note that {out} is initialized even on failure.
+ */
+#define DERIVE_TEXT_SEARCH_SERVER_DERIVED_FROM_DATA_TOKEN_IMPL(Type)                                                   \
+    static bool _fle2_derive_serverText##Type##DerivedFromDataToken(                                                   \
+        _mongocrypt_crypto_t *crypto,                                                                                  \
+        _mongocrypt_buffer_t *out,                                                                                     \
+        const mc_ServerTokenDerivationLevel1Token_t *level1Token,                                                      \
+        const _mongocrypt_buffer_t *value,                                                                             \
+        mongocrypt_status_t *status) {                                                                                 \
+        BSON_ASSERT_PARAM(crypto);                                                                                     \
+        BSON_ASSERT_PARAM(out);                                                                                        \
+        BSON_ASSERT_PARAM(level1Token);                                                                                \
+        BSON_ASSERT_PARAM(value);                                                                                      \
+        BSON_ASSERT_PARAM(status);                                                                                     \
+                                                                                                                       \
+        _mongocrypt_buffer_init(out);                                                                                  \
+        mc_ServerText##Type##Token_t *token = mc_ServerText##Type##Token_new(crypto, level1Token, status);             \
+        if (!token) {                                                                                                  \
+            return false;                                                                                              \
+        }                                                                                                              \
+        mc_ServerText##Type##DerivedFromDataToken_t *dataToken =                                                       \
+            mc_ServerText##Type##DerivedFromDataToken_new(crypto, token, value, status);                               \
+        mc_ServerText##Type##Token_destroy(token);                                                                     \
+        if (!dataToken) {                                                                                              \
+            return false;                                                                                              \
+        }                                                                                                              \
+        _mongocrypt_buffer_copy_to(mc_ServerText##Type##DerivedFromDataToken_get(dataToken), out);                     \
+        mc_ServerText##Type##DerivedFromDataToken_destroy(dataToken);                                                  \
+        return true;                                                                                                   \
+    }
+
+DERIVE_TEXT_SEARCH_SERVER_DERIVED_FROM_DATA_TOKEN_IMPL(Exact)
+DERIVE_TEXT_SEARCH_SERVER_DERIVED_FROM_DATA_TOKEN_IMPL(Substring)
+DERIVE_TEXT_SEARCH_SERVER_DERIVED_FROM_DATA_TOKEN_IMPL(Suffix)
+DERIVE_TEXT_SEARCH_SERVER_DERIVED_FROM_DATA_TOKEN_IMPL(Prefix)
+#undef DERIVE_TEXT_SEARCH_SERVER_DERIVED_FROM_DATA_TOKEN_IMPL
+
 static bool _fle2_derive_serverDerivedFromDataToken(_mongocrypt_crypto_t *crypto,
                                                     _mongocrypt_buffer_t *out,
                                                     const mc_ServerTokenDerivationLevel1Token_t *level1Token,
@@ -381,7 +514,7 @@ static bool _fle2_placeholder_aes_aead_encrypt(_mongocrypt_key_broker_t *kb,
 // Range V2: p := EncryptCTR(ECOCToken, ESCDerivedFromDataTokenAndContentionFactor || isLeaf)
 static bool _fle2_derive_encrypted_token(_mongocrypt_crypto_t *crypto,
                                          _mongocrypt_buffer_t *out,
-                                         bool use_range_v2,
+                                         bool concatentate_leaf,
                                          const mc_CollectionsLevel1Token_t *collectionsLevel1Token,
                                          const _mongocrypt_buffer_t *escDerivedToken,
                                          const _mongocrypt_buffer_t *eccDerivedToken,
@@ -398,7 +531,7 @@ static bool _fle2_derive_encrypted_token(_mongocrypt_crypto_t *crypto,
     const _mongocrypt_buffer_t *p = &tmp;
     if (!eccDerivedToken) {
         // FLE2v2
-        if (use_range_v2 && is_leaf.set) {
+        if (concatentate_leaf && is_leaf.set) {
             // Range V2; concat isLeaf
             _mongocrypt_buffer_t isLeafBuf;
             if (!_mongocrypt_buffer_copy_from_data_and_size(&isLeafBuf, (uint8_t[]){is_leaf.value}, 1)) {
@@ -483,7 +616,7 @@ static bool _get_tokenKey(_mongocrypt_key_broker_t *kb,
     }
 
     if (indexKey.len != MONGOCRYPT_KEY_LEN) {
-        CLIENT_ERR("invalid indexKey, expected len=%" PRIu32 ", got len=%" PRIu32, MONGOCRYPT_KEY_LEN, indexKey.len);
+        CLIENT_ERR("invalid indexKey, expected len=%d, got len=%" PRIu32, MONGOCRYPT_KEY_LEN, indexKey.len);
         _mongocrypt_buffer_cleanup(&indexKey);
         return false;
     }
@@ -514,7 +647,6 @@ static bool _mongocrypt_fle2_placeholder_common(_mongocrypt_key_broker_t *kb,
     BSON_ASSERT_PARAM(value);
 
     _mongocrypt_crypto_t *crypto = kb->crypt->crypto;
-    _mongocrypt_buffer_t indexKey = {0};
     *ret = (_FLE2EncryptedPayloadCommon_t){{0}};
 
     if (!_get_tokenKey(kb, indexKeyId, &ret->tokenKey, status)) {
@@ -553,191 +685,25 @@ static bool _mongocrypt_fle2_placeholder_common(_mongocrypt_key_broker_t *kb,
         goto fail;
     }
 
-    if (kb->crypt->opts.use_fle2_v2) {
-        /* FLE2v2 */
-        ret->serverTokenDerivationLevel1Token = mc_ServerTokenDerivationLevel1Token_new(crypto, &ret->tokenKey, status);
-        if (!ret->serverTokenDerivationLevel1Token) {
-            CLIENT_ERR("unable to derive serverTokenDerivationLevel1Token");
-            goto fail;
-        }
-
-        if (!_fle2_derive_serverDerivedFromDataToken(crypto,
-                                                     &ret->serverDerivedFromDataToken,
-                                                     ret->serverTokenDerivationLevel1Token,
-                                                     value,
-                                                     status)) {
-            goto fail;
-        }
-    } else {
-        /* FLE2v1 */
-        if (!_fle2_derive_ECC_token(crypto,
-                                    &ret->eccDerivedToken,
-                                    ret->collectionsLevel1Token,
-                                    value,
-                                    useContentionFactor,
-                                    contentionFactor,
-                                    status)) {
-            goto fail;
-        }
-    }
-
-    _mongocrypt_buffer_cleanup(&indexKey);
-    return true;
-
-fail:
-    _FLE2EncryptedPayloadCommon_cleanup(ret);
-    _mongocrypt_buffer_cleanup(&indexKey);
-    return false;
-}
-
-// Shared implementation for insert/update and insert/update ForRange (v1)
-static bool _mongocrypt_fle2_placeholder_to_insert_update_common_v1(_mongocrypt_key_broker_t *kb,
-                                                                    mc_FLE2InsertUpdatePayload_t *out,
-                                                                    int64_t *contentionFactor,
-                                                                    _FLE2EncryptedPayloadCommon_t *common,
-                                                                    const mc_FLE2EncryptionPlaceholder_t *placeholder,
-                                                                    bson_iter_t *value_iter,
-                                                                    mongocrypt_status_t *status) {
-    BSON_ASSERT_PARAM(kb);
-    BSON_ASSERT_PARAM(out);
-    BSON_ASSERT_PARAM(common);
-    BSON_ASSERT_PARAM(placeholder);
-    BSON_ASSERT_PARAM(value_iter);
-    BSON_ASSERT(kb->crypt);
-    BSON_ASSERT(kb->crypt->opts.use_fle2_v2 == false);
-    BSON_ASSERT(kb->crypt->opts.use_range_v2 == false);
-    BSON_ASSERT(placeholder->type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT);
-
-    _mongocrypt_crypto_t *crypto = kb->crypt->crypto;
-    _mongocrypt_buffer_t value = {0};
-    bool res = false;
-
-    *contentionFactor = 0;
-    if (placeholder->maxContentionFactor > 0) {
-        /* Choose a random contentionFactor in the inclusive range [0,
-         * placeholder->maxContentionFactor] */
-        if (!_mongocrypt_random_int64(crypto, placeholder->maxContentionFactor + 1, contentionFactor, status)) {
-            goto fail;
-        }
-    }
-
-    _mongocrypt_buffer_from_iter(&value, value_iter);
-    if (!_mongocrypt_fle2_placeholder_common(kb,
-                                             common,
-                                             &placeholder->index_key_id,
-                                             &value,
-                                             true, /* derive tokens using contentionFactor */
-                                             *contentionFactor,
-                                             status)) {
-        goto fail;
-    }
-
-    // d := EDCDerivedToken
-    _mongocrypt_buffer_steal(&out->edcDerivedToken, &common->edcDerivedToken);
-    // s := ESCDerivedToken
-    _mongocrypt_buffer_steal(&out->escDerivedToken, &common->escDerivedToken);
-    // c := ECCDerivedToken
-    _mongocrypt_buffer_steal(&out->eccDerivedToken, &common->eccDerivedToken);
-
-    // p := EncryptCTR(ECOCToken, ESCDerivedFromDataTokenAndContentionFactor ||
-    // ECCDerivedFromDataTokenAndContentionFactor)
-    if (!_fle2_derive_encrypted_token(crypto,
-                                      &out->encryptedTokens,
-                                      false, // Can't use range V2 with FLE V1
-                                      common->collectionsLevel1Token,
-                                      &out->escDerivedToken,
-                                      &out->eccDerivedToken,
-                                      (mc_optional_bool_t){0}, // Unset is_leaf as it's not used in V1
-                                      status)) {
+    ret->serverTokenDerivationLevel1Token = mc_ServerTokenDerivationLevel1Token_new(crypto, &ret->tokenKey, status);
+    if (!ret->serverTokenDerivationLevel1Token) {
+        CLIENT_ERR("unable to derive serverTokenDerivationLevel1Token");
         goto fail;
     }
 
-    _mongocrypt_buffer_copy_to(&placeholder->index_key_id,
-                               &out->indexKeyId); // u
-    out->valueType = bson_iter_type(value_iter);  // t
-
-    // v := UserKeyId + EncryptCTRAEAD(UserKey, value)
-    {
-        _mongocrypt_buffer_t ciphertext = {0};
-        if (!_fle2_placeholder_aes_aead_encrypt(kb,
-                                                _mcFLE2AEADAlgorithm(),
-                                                &ciphertext,
-                                                &placeholder->user_key_id,
-                                                &value,
-                                                status)) {
-            goto fail;
-        }
-        const _mongocrypt_buffer_t v[2] = {placeholder->user_key_id, ciphertext};
-        const bool ok = _mongocrypt_buffer_concat(&out->value, v, 2);
-        _mongocrypt_buffer_cleanup(&ciphertext);
-        if (!ok) {
-            goto fail;
-        }
-    }
-
-    // e := ServerDataEncryptionLevel1Token
-    _mongocrypt_buffer_copy_to(mc_ServerDataEncryptionLevel1Token_get(common->serverDataEncryptionLevel1Token),
-                               &out->serverEncryptionToken);
-
-    res = true;
-fail:
-    _mongocrypt_buffer_cleanup(&value);
-    return res;
-}
-
-/**
- * Payload subtype 4: FLE2InsertUpdatePayload
- *
- * {d: EDC, s: ESC, c: ECC,
- *  p: encToken, u: indexKeyId, t: type,
- *  v: value, e: serverToken}
- */
-static bool _mongocrypt_fle2_placeholder_to_insert_update_ciphertext_v1(_mongocrypt_key_broker_t *kb,
-                                                                        _mongocrypt_marking_t *marking,
-                                                                        _mongocrypt_ciphertext_t *ciphertext,
-                                                                        mongocrypt_status_t *status) {
-    BSON_ASSERT_PARAM(kb);
-    BSON_ASSERT_PARAM(marking);
-    BSON_ASSERT_PARAM(ciphertext);
-    BSON_ASSERT_PARAM(status);
-    BSON_ASSERT(kb->crypt);
-    BSON_ASSERT(kb->crypt->opts.use_fle2_v2 == false);
-    BSON_ASSERT(marking->type == MONGOCRYPT_MARKING_FLE2_ENCRYPTION);
-    BSON_ASSERT(marking->fle2.algorithm == MONGOCRYPT_FLE2_ALGORITHM_EQUALITY);
-
-    mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->fle2;
-    _FLE2EncryptedPayloadCommon_t common = {{0}};
-    mc_FLE2InsertUpdatePayload_t payload;
-    mc_FLE2InsertUpdatePayload_init(&payload);
-    bool res = false;
-
-    int64_t contentionFactor = 0; /* ignored */
-    if (!_mongocrypt_fle2_placeholder_to_insert_update_common_v1(kb,
-                                                                 &payload,
-                                                                 &contentionFactor,
-                                                                 &common,
-                                                                 placeholder,
-                                                                 &placeholder->v_iter,
-                                                                 status)) {
+    if (!_fle2_derive_serverDerivedFromDataToken(crypto,
+                                                 &ret->serverDerivedFromDataToken,
+                                                 ret->serverTokenDerivationLevel1Token,
+                                                 value,
+                                                 status)) {
         goto fail;
     }
 
-    {
-        bson_t out;
-        bson_init(&out);
-        mc_FLE2InsertUpdatePayload_serialize(&payload, &out);
-        _mongocrypt_buffer_steal_from_bson(&ciphertext->data, &out);
-    }
-    // Do not set ciphertext->original_bson_type and ciphertext->key_id. They are
-    // not used for FLE2InsertUpdatePayload.
-    ciphertext->blob_subtype = MC_SUBTYPE_FLE2InsertUpdatePayload;
+    return true;
 
-    res = true;
 fail:
-    mc_FLE2InsertUpdatePayload_cleanup(&payload);
-    _FLE2EncryptedPayloadCommon_cleanup(&common);
-
-    return res;
+    _FLE2EncryptedPayloadCommon_cleanup(ret);
+    return false;
 }
 
 // Shared implementation for insert/update and insert/update ForRange (v2)
@@ -753,7 +719,6 @@ static bool _mongocrypt_fle2_placeholder_to_insert_update_common(_mongocrypt_key
     BSON_ASSERT_PARAM(placeholder);
     BSON_ASSERT_PARAM(value_iter);
     BSON_ASSERT(kb->crypt);
-    BSON_ASSERT(kb->crypt->opts.use_fle2_v2 == true);
     BSON_ASSERT(placeholder->type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT);
 
     _mongocrypt_crypto_t *crypto = kb->crypt->crypto;
@@ -791,7 +756,7 @@ static bool _mongocrypt_fle2_placeholder_to_insert_update_common(_mongocrypt_key
     if (!_fle2_derive_encrypted_token(
             crypto,
             &out->encryptedTokens,
-            kb->crypt->opts.use_range_v2,
+            true,
             common->collectionsLevel1Token,
             &out->escDerivedToken,
             NULL, // unused in v2
@@ -839,8 +804,6 @@ fail:
 
 /**
  * Payload subtype 11: FLE2InsertUpdatePayloadV2
- * Delegates to ..._insert_update_ciphertext_v1 for subtype 4
- *   when crypt.opts.use_fle2_v2 == false
  *
  * {d: EDC, s: ESC, p: encToken,
  *  u: indexKeyId, t: valueType, v: value,
@@ -857,11 +820,7 @@ static bool _mongocrypt_fle2_placeholder_to_insert_update_ciphertext(_mongocrypt
     BSON_ASSERT(kb->crypt);
     BSON_ASSERT(marking->type == MONGOCRYPT_MARKING_FLE2_ENCRYPTION);
 
-    if (!kb->crypt->opts.use_fle2_v2) {
-        return _mongocrypt_fle2_placeholder_to_insert_update_ciphertext_v1(kb, marking, ciphertext, status);
-    }
-
-    mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->fle2;
+    mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->u.fle2;
     _FLE2EncryptedPayloadCommon_t common = {{0}};
     mc_FLE2InsertUpdatePayloadV2_t payload;
     mc_FLE2InsertUpdatePayloadV2_init(&payload);
@@ -897,8 +856,7 @@ fail:
 
 // get_edges creates and returns edges from an FLE2RangeInsertSpec. Returns NULL
 // on error.
-static mc_edges_t *
-get_edges(mc_FLE2RangeInsertSpec_t *insertSpec, size_t sparsity, mongocrypt_status_t *status, bool use_range_v2) {
+static mc_edges_t *get_edges(mc_FLE2RangeInsertSpec_t *insertSpec, size_t sparsity, mongocrypt_status_t *status) {
     BSON_ASSERT_PARAM(insertSpec);
 
     bson_type_t value_type = bson_iter_type(&insertSpec->v);
@@ -909,8 +867,7 @@ get_edges(mc_FLE2RangeInsertSpec_t *insertSpec, size_t sparsity, mongocrypt_stat
                                                           .max = OPT_I32(bson_iter_int32(&insertSpec->max)),
                                                           .sparsity = sparsity,
                                                           .trimFactor = insertSpec->trimFactor},
-                                status,
-                                use_range_v2);
+                                status);
     }
 
     else if (value_type == BSON_TYPE_INT64) {
@@ -919,8 +876,7 @@ get_edges(mc_FLE2RangeInsertSpec_t *insertSpec, size_t sparsity, mongocrypt_stat
                                                           .max = OPT_I64(bson_iter_int64(&insertSpec->max)),
                                                           .sparsity = sparsity,
                                                           .trimFactor = insertSpec->trimFactor},
-                                status,
-                                use_range_v2);
+                                status);
     }
 
     else if (value_type == BSON_TYPE_DATE_TIME) {
@@ -929,8 +885,7 @@ get_edges(mc_FLE2RangeInsertSpec_t *insertSpec, size_t sparsity, mongocrypt_stat
                                                           .max = OPT_I64(bson_iter_date_time(&insertSpec->max)),
                                                           .sparsity = sparsity,
                                                           .trimFactor = insertSpec->trimFactor},
-                                status,
-                                use_range_v2);
+                                status);
     }
 
     else if (value_type == BSON_TYPE_DOUBLE) {
@@ -946,11 +901,11 @@ get_edges(mc_FLE2RangeInsertSpec_t *insertSpec, size_t sparsity, mongocrypt_stat
             args.precision = insertSpec->precision;
         }
 
-        return mc_getEdgesDouble(args, status, use_range_v2);
+        return mc_getEdgesDouble(args, status);
     }
 
     else if (value_type == BSON_TYPE_DECIMAL128) {
-#if MONGOCRYPT_HAVE_DECIMAL128_SUPPORT
+#if MONGOCRYPT_HAVE_DECIMAL128_SUPPORT()
         const mc_dec128 value = mc_dec128_from_bson_iter(&insertSpec->v);
         mc_getEdgesDecimal128_args_t args = {
             .value = value,
@@ -964,7 +919,7 @@ get_edges(mc_FLE2RangeInsertSpec_t *insertSpec, size_t sparsity, mongocrypt_stat
             args.max = OPT_MC_DEC128(max);
             args.precision = insertSpec->precision;
         }
-        return mc_getEdgesDecimal128(args, status, use_range_v2);
+        return mc_getEdgesDecimal128(args, status);
 #else // ↑↑↑↑↑↑↑↑ With Decimal128 / Without ↓↓↓↓↓↓↓↓↓↓
         CLIENT_ERR("unsupported BSON type (Decimal128) for range: libmongocrypt "
                    "was built without extended Decimal128 support");
@@ -977,58 +932,53 @@ get_edges(mc_FLE2RangeInsertSpec_t *insertSpec, size_t sparsity, mongocrypt_stat
 }
 
 /**
- * Payload subtype 4: FLE2InsertUpdatePayload for range updates
+ * Payload subtype 11: FLE2InsertUpdatePayloadV2 for range updates
  *
- * {d: EDC, s: ESC, c: ECC,
- *  p: encToken, u: indexKeyId, t: type,
- *  v: value, e: serverToken,
- *  g: [{d: EDC, s: ESC, c: ECC, p: encToken},
- *      {d: EDC, s: ESC, c: ECC, p: encToken},
+ * {d: EDC, s: ESC, p: encToken,
+ *  u: indexKeyId, t: valueType, v: value,
+ *  e: serverToken, l: serverDerivedFromDataToken,
+ *  k: contentionFactor,
+ *  g: [{d: EDC, s: ESC, l: serverDerivedFromDataToken, p: encToken},
+ *      {d: EDC, s: ESC, l: serverDerivedFromDataToken, p: encToken},
  *      ...]}
  */
-static bool _mongocrypt_fle2_placeholder_to_insert_update_ciphertextForRange_v1(_mongocrypt_key_broker_t *kb,
-                                                                                _mongocrypt_marking_t *marking,
-                                                                                _mongocrypt_ciphertext_t *ciphertext,
-                                                                                mongocrypt_status_t *status) {
+static bool _mongocrypt_fle2_placeholder_to_insert_update_ciphertextForRange(_mongocrypt_key_broker_t *kb,
+                                                                             _mongocrypt_marking_t *marking,
+                                                                             _mongocrypt_ciphertext_t *ciphertext,
+                                                                             mongocrypt_status_t *status) {
     BSON_ASSERT_PARAM(kb);
     BSON_ASSERT_PARAM(marking);
     BSON_ASSERT_PARAM(ciphertext);
-    BSON_ASSERT_PARAM(status);
     BSON_ASSERT(kb->crypt);
-    BSON_ASSERT(kb->crypt->opts.use_fle2_v2 == false);
-    BSON_ASSERT(kb->crypt->opts.use_range_v2 == false);
     BSON_ASSERT(marking->type == MONGOCRYPT_MARKING_FLE2_ENCRYPTION);
-    BSON_ASSERT(marking->fle2.algorithm == MONGOCRYPT_FLE2_ALGORITHM_RANGE);
 
-    mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->fle2;
+    mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->u.fle2;
     _FLE2EncryptedPayloadCommon_t common = {{0}};
-    mc_FLE2InsertUpdatePayload_t payload;
-    mc_FLE2InsertUpdatePayload_init(&payload);
+    mc_FLE2InsertUpdatePayloadV2_t payload;
+    mc_FLE2InsertUpdatePayloadV2_init(&payload);
     bool res = false;
     mc_edges_t *edges = NULL;
 
     // Parse the value ("v"), min ("min"), and max ("max") from
     // FLE2EncryptionPlaceholder for range insert.
     mc_FLE2RangeInsertSpec_t insertSpec;
-    if (!mc_FLE2RangeInsertSpec_parse(&insertSpec, &placeholder->v_iter, kb->crypt->opts.use_range_v2, status)) {
+    if (!mc_FLE2RangeInsertSpec_parse(&insertSpec, &placeholder->v_iter, status)) {
         goto fail;
     }
 
-    int64_t contentionFactor = 0;
-    if (!_mongocrypt_fle2_placeholder_to_insert_update_common_v1(kb,
-                                                                 &payload,
-                                                                 &contentionFactor,
-                                                                 &common,
-                                                                 &marking->fle2,
-                                                                 &insertSpec.v,
-                                                                 status)) {
+    if (!_mongocrypt_fle2_placeholder_to_insert_update_common(kb,
+                                                              &payload,
+                                                              &common,
+                                                              &marking->u.fle2,
+                                                              &insertSpec.v,
+                                                              status)) {
         goto fail;
     }
 
-    // g:= array<EdgeTokenSet>
+    // g:= array<EdgeTokenSetV2>
     {
         BSON_ASSERT(placeholder->sparsity >= 0 && (uint64_t)placeholder->sparsity <= (uint64_t)SIZE_MAX);
-        edges = get_edges(&insertSpec, (size_t)placeholder->sparsity, status, kb->crypt->opts.use_range_v2);
+        edges = get_edges(&insertSpec, (size_t)placeholder->sparsity, status);
         if (!edges) {
             goto fail;
         }
@@ -1037,10 +987,11 @@ static bool _mongocrypt_fle2_placeholder_to_insert_update_ciphertextForRange_v1(
             // Create an EdgeTokenSet from each edge.
             bool loop_ok = false;
             const char *edge = mc_edges_get(edges, i);
+            bool is_leaf = mc_edges_is_leaf(edges, edge);
             _mongocrypt_buffer_t edge_buf = {0};
             _FLE2EncryptedPayloadCommon_t edge_tokens = {{0}};
             _mongocrypt_buffer_t encryptedTokens = {0};
-            mc_EdgeTokenSet_t etc = {{0}};
+            mc_EdgeTokenSetV2_t etc = {{0}};
 
             if (!_mongocrypt_buffer_from_string(&edge_buf, edge)) {
                 CLIENT_ERR("failed to copy edge to buffer");
@@ -1052,27 +1003,29 @@ static bool _mongocrypt_fle2_placeholder_to_insert_update_ciphertextForRange_v1(
                                                      &placeholder->index_key_id,
                                                      &edge_buf,
                                                      true, /* derive tokens using contentionFactor */
-                                                     contentionFactor,
+                                                     payload.contentionFactor,
                                                      status)) {
                 goto fail_loop;
             }
+            BSON_ASSERT(edge_tokens.eccDerivedToken.data == NULL);
 
             // d := EDCDerivedToken
             _mongocrypt_buffer_steal(&etc.edcDerivedToken, &edge_tokens.edcDerivedToken);
             // s := ESCDerivedToken
             _mongocrypt_buffer_steal(&etc.escDerivedToken, &edge_tokens.escDerivedToken);
-            // c := ECCDerivedToken
-            _mongocrypt_buffer_steal(&etc.eccDerivedToken, &edge_tokens.eccDerivedToken);
 
-            // p := EncryptCTR(ECOCToken, ESCDerivedFromDataTokenAndContentionFactor ||
-            // ECCDerivedFromDataTokenAndContentionFactor)
+            // l := serverDerivedFromDataToken
+            _mongocrypt_buffer_steal(&etc.serverDerivedFromDataToken, &edge_tokens.serverDerivedFromDataToken);
+
+            // p := EncryptCTR(ECOCToken, ESCDerivedFromDataTokenAndContentionFactor)
+            // Or in Range V2: p := EncryptCTR(ECOCToken, ESCDerivedFromDataTokenAndContentionFactor || isLeaf)
             if (!_fle2_derive_encrypted_token(kb->crypt->crypto,
                                               &etc.encryptedTokens,
-                                              false, // Range V2 is incompatible with FLE V1
+                                              true,
                                               edge_tokens.collectionsLevel1Token,
                                               &etc.escDerivedToken,
-                                              &etc.eccDerivedToken,
-                                              (mc_optional_bool_t){0}, // Dummy value for isLeaf, unused in FLE V1
+                                              NULL, // ecc unsed in FLE2v2
+                                              OPT_BOOL(is_leaf),
                                               status)) {
                 goto fail_loop;
             }
@@ -1090,242 +1043,572 @@ static bool _mongocrypt_fle2_placeholder_to_insert_update_ciphertextForRange_v1(
         }
     }
 
+    // Include "range" payload fields introduced in SERVER-91889.
+    payload.sparsity = OPT_I64(placeholder->sparsity);
+    payload.precision = insertSpec.precision;
+    payload.trimFactor = OPT_I32(mc_edges_get_used_trimFactor(edges));
+    bson_value_copy(bson_iter_value(&insertSpec.min), &payload.indexMin);
+    bson_value_copy(bson_iter_value(&insertSpec.max), &payload.indexMax);
+
     {
         bson_t out;
         bson_init(&out);
-        mc_FLE2InsertUpdatePayload_serializeForRange(&payload, &out);
+        mc_FLE2InsertUpdatePayloadV2_serializeForRange(&payload, &out);
         _mongocrypt_buffer_steal_from_bson(&ciphertext->data, &out);
     }
     // Do not set ciphertext->original_bson_type and ciphertext->key_id. They are
-    // not used for FLE2InsertUpdatePayload.
-    ciphertext->blob_subtype = MC_SUBTYPE_FLE2InsertUpdatePayload;
+    // not used for FLE2InsertUpdatePayloadV2.
+    ciphertext->blob_subtype = MC_SUBTYPE_FLE2InsertUpdatePayloadV2;
 
     res = true;
 fail:
     mc_edges_destroy(edges);
-    mc_FLE2InsertUpdatePayload_cleanup(&payload);
+    mc_FLE2InsertUpdatePayloadV2_cleanup(&payload);
     _FLE2EncryptedPayloadCommon_cleanup(&common);
 
     return res;
 }
 
 /**
- * Payload subtype 11: FLE2InsertUpdatePayloadV2 for range updates
- * Delegates to ..._insert_update_ciphertextForRange_v1 for subtype 4
- *   when crypt.opts.use_fle2_v2 == false
+ * Sets up a mc_Text<T>TokenSet_t type by generating its member tokens:
+ * - edcDerivedToken = HMAC(HMAC(HMAC(EDCToken, t), v), cf)
+ * - escDerivedToken = HMAC(HMAC(HMAC(ESCToken, t), v), cf)
+ * - serverDerivedFromDataToken = HMAC(HMAC(ServerLevel1Token, t), v)
+ * and the encrypted token:
+ * - encryptedTokens = EncryptCTR(ECOCToken, escDerivedToken)
  *
- * {d: EDC, s: ESC, p: encToken,
- *  u: indexKeyId, t: valueType, v: value,
- *  e: serverToken, l: serverDerivedFromDataToken,
- *  k: contentionFactor,
- *  g: [{d: EDC, s: ESC, l: serverDerivedFromDataToken, p: encToken},
- *      {d: EDC, s: ESC, l: serverDerivedFromDataToken, p: encToken},
- *      ...]}
+ * <T> = Exact|Substring|Suffix|Prefix
+ * t = 1 for Exact, 2 for Substring, 3 for Suffix, 4 for Prefix
+ * cf = contentionFactor
+ * EDC/ESC/ECOCToken are derived from {collLevel1Token}
  */
-static bool _mongocrypt_fle2_placeholder_to_insert_update_ciphertextForRange(_mongocrypt_key_broker_t *kb,
-                                                                             _mongocrypt_marking_t *marking,
-                                                                             _mongocrypt_ciphertext_t *ciphertext,
-                                                                             mongocrypt_status_t *status) {
+#define GENERATE_TEXT_SEARCH_TOKEN_SET_FOR_TYPE_IMPL(Type)                                                             \
+    static bool _fle2_generate_Text##Type##TokenSet(_mongocrypt_key_broker_t *kb,                                      \
+                                                    mc_Text##Type##TokenSet_t *out,                                    \
+                                                    const _mongocrypt_buffer_t *value,                                 \
+                                                    int64_t contentionFactor,                                          \
+                                                    const mc_CollectionsLevel1Token_t *collLevel1Token,                \
+                                                    const mc_ServerTokenDerivationLevel1Token_t *serverLevel1Token,    \
+                                                    mongocrypt_status_t *status) {                                     \
+        BSON_ASSERT_PARAM(kb);                                                                                         \
+        BSON_ASSERT_PARAM(kb->crypt);                                                                                  \
+        BSON_ASSERT_PARAM(out);                                                                                        \
+        BSON_ASSERT_PARAM(value);                                                                                      \
+        BSON_ASSERT_PARAM(collLevel1Token);                                                                            \
+        BSON_ASSERT_PARAM(serverLevel1Token);                                                                          \
+                                                                                                                       \
+        if (!_fle2_derive_EDCText##Type##_token(kb->crypt->crypto,                                                     \
+                                                &out->edcDerivedToken,                                                 \
+                                                collLevel1Token,                                                       \
+                                                value,                                                                 \
+                                                true,                                                                  \
+                                                contentionFactor,                                                      \
+                                                status)) {                                                             \
+            return false;                                                                                              \
+        }                                                                                                              \
+        if (!_fle2_derive_ESCText##Type##_token(kb->crypt->crypto,                                                     \
+                                                &out->escDerivedToken,                                                 \
+                                                collLevel1Token,                                                       \
+                                                value,                                                                 \
+                                                true,                                                                  \
+                                                contentionFactor,                                                      \
+                                                status)) {                                                             \
+            return false;                                                                                              \
+        }                                                                                                              \
+        if (!_fle2_derive_serverText##Type##DerivedFromDataToken(kb->crypt->crypto,                                    \
+                                                                 &out->serverDerivedFromDataToken,                     \
+                                                                 serverLevel1Token,                                    \
+                                                                 value,                                                \
+                                                                 status)) {                                            \
+            return false;                                                                                              \
+        }                                                                                                              \
+        if (!_fle2_derive_encrypted_token(kb->crypt->crypto,                                                           \
+                                          &out->encryptedTokens,                                                       \
+                                          false,                                                                       \
+                                          collLevel1Token,                                                             \
+                                          &out->escDerivedToken,                                                       \
+                                          NULL,                                                                        \
+                                          (mc_optional_bool_t){0},                                                     \
+                                          status)) {                                                                   \
+            return false;                                                                                              \
+        }                                                                                                              \
+        return true;                                                                                                   \
+    }                                                                                                                  \
+    static bool _fle2_generate_Text##Type##FindTokenSet(                                                               \
+        _mongocrypt_key_broker_t *kb,                                                                                  \
+        mc_Text##Type##FindTokenSet_t *out,                                                                            \
+        const _mongocrypt_buffer_t *value,                                                                             \
+        const mc_CollectionsLevel1Token_t *collLevel1Token,                                                            \
+        const mc_ServerTokenDerivationLevel1Token_t *serverLevel1Token,                                                \
+        mongocrypt_status_t *status) {                                                                                 \
+        BSON_ASSERT_PARAM(kb);                                                                                         \
+        BSON_ASSERT_PARAM(kb->crypt);                                                                                  \
+        BSON_ASSERT_PARAM(out);                                                                                        \
+        BSON_ASSERT_PARAM(value);                                                                                      \
+        BSON_ASSERT_PARAM(collLevel1Token);                                                                            \
+        BSON_ASSERT_PARAM(serverLevel1Token);                                                                          \
+        if (!_fle2_derive_EDCText##Type##_token(kb->crypt->crypto,                                                     \
+                                                &out->edcDerivedToken,                                                 \
+                                                collLevel1Token,                                                       \
+                                                value,                                                                 \
+                                                false,                                                                 \
+                                                0,                                                                     \
+                                                status)) {                                                             \
+            return false;                                                                                              \
+        }                                                                                                              \
+        if (!_fle2_derive_ESCText##Type##_token(kb->crypt->crypto,                                                     \
+                                                &out->escDerivedToken,                                                 \
+                                                collLevel1Token,                                                       \
+                                                value,                                                                 \
+                                                false,                                                                 \
+                                                0,                                                                     \
+                                                status)) {                                                             \
+            return false;                                                                                              \
+        }                                                                                                              \
+        if (!_fle2_derive_serverText##Type##DerivedFromDataToken(kb->crypt->crypto,                                    \
+                                                                 &out->serverDerivedFromDataToken,                     \
+                                                                 serverLevel1Token,                                    \
+                                                                 value,                                                \
+                                                                 status)) {                                            \
+            return false;                                                                                              \
+        }                                                                                                              \
+        return true;                                                                                                   \
+    }
+GENERATE_TEXT_SEARCH_TOKEN_SET_FOR_TYPE_IMPL(Exact)
+GENERATE_TEXT_SEARCH_TOKEN_SET_FOR_TYPE_IMPL(Substring)
+GENERATE_TEXT_SEARCH_TOKEN_SET_FOR_TYPE_IMPL(Suffix)
+GENERATE_TEXT_SEARCH_TOKEN_SET_FOR_TYPE_IMPL(Prefix)
+#undef GENERATE_TEXT_SEARCH_TOKEN_SET_FOR_TYPE_IMPL
+
+static bool _fle2_generate_TextSearchTokenSets(_mongocrypt_key_broker_t *kb,
+                                               mc_FLE2InsertUpdatePayloadV2_t *payload,
+                                               const _mongocrypt_buffer_t *indexKeyId,
+                                               const mc_FLE2TextSearchInsertSpec_t *spec,
+                                               int64_t contentionFactor,
+                                               mongocrypt_status_t *status) {
     BSON_ASSERT_PARAM(kb);
-    BSON_ASSERT_PARAM(marking);
-    BSON_ASSERT_PARAM(ciphertext);
-    BSON_ASSERT(kb->crypt);
-    BSON_ASSERT(marking->type == MONGOCRYPT_MARKING_FLE2_ENCRYPTION);
-    const bool use_range_v2 = kb->crypt->opts.use_range_v2;
-
-    if (!kb->crypt->opts.use_fle2_v2) {
-        return _mongocrypt_fle2_placeholder_to_insert_update_ciphertextForRange_v1(kb, marking, ciphertext, status);
-    }
+    BSON_ASSERT_PARAM(payload);
+    BSON_ASSERT_PARAM(indexKeyId);
+    BSON_ASSERT_PARAM(spec);
 
-    mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->fle2;
+    _mongocrypt_crypto_t *crypto = kb->crypt->crypto;
+    mc_TextSearchTokenSets_t *tsts = &payload->textSearchTokenSets.tsts;
     _FLE2EncryptedPayloadCommon_t common = {{0}};
-    mc_FLE2InsertUpdatePayloadV2_t payload;
-    mc_FLE2InsertUpdatePayloadV2_init(&payload);
     bool res = false;
-    mc_edges_t *edges = NULL;
 
-    // Parse the value ("v"), min ("min"), and max ("max") from
-    // FLE2EncryptionPlaceholder for range insert.
-    mc_FLE2RangeInsertSpec_t insertSpec;
-    if (!mc_FLE2RangeInsertSpec_parse(&insertSpec, &placeholder->v_iter, use_range_v2, status)) {
+    mc_str_encode_sets_t *encodeSets = mc_text_search_str_encode(spec, status);
+    if (!encodeSets) {
         goto fail;
     }
 
-    if (!_mongocrypt_fle2_placeholder_to_insert_update_common(kb,
-                                                              &payload,
-                                                              &common,
-                                                              &marking->fle2,
-                                                              &insertSpec.v,
-                                                              status)) {
+    // Start the token derivations
+    if (!_get_tokenKey(kb, indexKeyId, &common.tokenKey, status)) {
         goto fail;
     }
 
-    // g:= array<EdgeTokenSetV2>
+    common.collectionsLevel1Token = mc_CollectionsLevel1Token_new(crypto, &common.tokenKey, status);
+    if (!common.collectionsLevel1Token) {
+        CLIENT_ERR("unable to derive collectionLevel1Token");
+        goto fail;
+    }
+
+    common.serverTokenDerivationLevel1Token = mc_ServerTokenDerivationLevel1Token_new(crypto, &common.tokenKey, status);
+    if (!common.serverTokenDerivationLevel1Token) {
+        CLIENT_ERR("unable to derive serverTokenDerivationLevel1Token");
+        goto fail;
+    }
+
+    // Generate exact token set singleton
     {
-        BSON_ASSERT(placeholder->sparsity >= 0 && (uint64_t)placeholder->sparsity <= (uint64_t)SIZE_MAX);
-        edges = get_edges(&insertSpec, (size_t)placeholder->sparsity, status, kb->crypt->opts.use_range_v2);
-        if (!edges) {
+        _mongocrypt_buffer_t asBsonValue;
+        _mongocrypt_buffer_init(&asBsonValue);
+        BSON_ASSERT(encodeSets->exact.len < INT_MAX);
+        _mongocrypt_buffer_copy_from_string_as_bson_value(&asBsonValue,
+                                                          (const char *)encodeSets->exact.data,
+                                                          (int)encodeSets->exact.len);
+        if (!_fle2_generate_TextExactTokenSet(kb,
+                                              &tsts->exact,
+                                              &asBsonValue,
+                                              contentionFactor,
+                                              common.collectionsLevel1Token,
+                                              common.serverTokenDerivationLevel1Token,
+                                              status)) {
+            _mongocrypt_buffer_cleanup(&asBsonValue);
             goto fail;
         }
+        _mongocrypt_buffer_cleanup(&asBsonValue);
+    }
 
-        for (size_t i = 0; i < mc_edges_len(edges); ++i) {
-            // Create an EdgeTokenSet from each edge.
-            bool loop_ok = false;
-            const char *edge = mc_edges_get(edges, i);
-            bool is_leaf = mc_edges_is_leaf(edges, edge);
-            _mongocrypt_buffer_t edge_buf = {0};
-            _FLE2EncryptedPayloadCommon_t edge_tokens = {{0}};
-            _mongocrypt_buffer_t encryptedTokens = {0};
-            mc_EdgeTokenSetV2_t etc = {{0}};
+    const char *substring;
+    uint32_t bytelen;
+    uint32_t appendCount;
 
-            if (!_mongocrypt_buffer_from_string(&edge_buf, edge)) {
-                CLIENT_ERR("failed to copy edge to buffer");
-                goto fail_loop;
+    // Generate array of substring token sets
+    if (encodeSets->substring_set) {
+        mc_substring_set_iter_t set_itr;
+        mc_substring_set_iter_init(&set_itr, encodeSets->substring_set);
+
+        while (mc_substring_set_iter_next(&set_itr, &substring, &bytelen, &appendCount)) {
+            BSON_ASSERT(appendCount > 0);
+            BSON_ASSERT(bytelen < INT_MAX);
+
+            mc_TextSubstringTokenSet_t tset = {{0}};
+
+            _mongocrypt_buffer_t asBsonValue;
+            _mongocrypt_buffer_init(&asBsonValue);
+            _mongocrypt_buffer_copy_from_string_as_bson_value(&asBsonValue, substring, (int)bytelen);
+
+            if (!_fle2_generate_TextSubstringTokenSet(kb,
+                                                      &tset,
+                                                      &asBsonValue,
+                                                      contentionFactor,
+                                                      common.collectionsLevel1Token,
+                                                      common.serverTokenDerivationLevel1Token,
+                                                      status)) {
+                _mongocrypt_buffer_cleanup(&asBsonValue);
+                mc_TextSubstringTokenSet_cleanup(&tset);
+                goto fail;
             }
+            _mongocrypt_buffer_cleanup(&asBsonValue);
 
-            if (!_mongocrypt_fle2_placeholder_common(kb,
-                                                     &edge_tokens,
-                                                     &placeholder->index_key_id,
-                                                     &edge_buf,
-                                                     true, /* derive tokens using contentionFactor */
-                                                     payload.contentionFactor,
-                                                     status)) {
-                goto fail_loop;
+            if (appendCount > 1) {
+                mc_TextSubstringTokenSet_t tset_copy;
+                mc_TextSubstringTokenSet_shallow_copy(&tset, &tset_copy);
+                for (; appendCount > 1; appendCount--) {
+                    _mc_array_append_val(&tsts->substringArray, tset_copy);
+                }
             }
-            BSON_ASSERT(edge_tokens.eccDerivedToken.data == NULL);
+            _mc_array_append_val(&tsts->substringArray, tset); // array now owns tset
+        }
+    }
 
-            // d := EDCDerivedToken
-            _mongocrypt_buffer_steal(&etc.edcDerivedToken, &edge_tokens.edcDerivedToken);
-            // s := ESCDerivedToken
-            _mongocrypt_buffer_steal(&etc.escDerivedToken, &edge_tokens.escDerivedToken);
+    // Generate array of suffix token sets
+    if (encodeSets->suffix_set) {
+        mc_affix_set_iter_t set_itr;
+        mc_affix_set_iter_init(&set_itr, encodeSets->suffix_set);
 
-            // l := serverDerivedFromDataToken
-            _mongocrypt_buffer_steal(&etc.serverDerivedFromDataToken, &edge_tokens.serverDerivedFromDataToken);
+        while (mc_affix_set_iter_next(&set_itr, &substring, &bytelen, &appendCount)) {
+            BSON_ASSERT(appendCount > 0);
+            BSON_ASSERT(bytelen < INT_MAX);
 
-            // p := EncryptCTR(ECOCToken, ESCDerivedFromDataTokenAndContentionFactor)
-            // Or in Range V2: p := EncryptCTR(ECOCToken, ESCDerivedFromDataTokenAndContentionFactor || isLeaf)
-            if (!_fle2_derive_encrypted_token(kb->crypt->crypto,
-                                              &etc.encryptedTokens,
-                                              kb->crypt->opts.use_range_v2,
-                                              edge_tokens.collectionsLevel1Token,
-                                              &etc.escDerivedToken,
-                                              NULL, // ecc unsed in FLE2v2
-                                              OPT_BOOL(is_leaf),
-                                              status)) {
-                goto fail_loop;
+            mc_TextSuffixTokenSet_t tset = {{0}};
+            mc_TextSuffixTokenSet_init(&tset);
+
+            _mongocrypt_buffer_t asBsonValue;
+            _mongocrypt_buffer_init(&asBsonValue);
+            _mongocrypt_buffer_copy_from_string_as_bson_value(&asBsonValue, substring, (int)bytelen);
+
+            if (!_fle2_generate_TextSuffixTokenSet(kb,
+                                                   &tset,
+                                                   &asBsonValue,
+                                                   contentionFactor,
+                                                   common.collectionsLevel1Token,
+                                                   common.serverTokenDerivationLevel1Token,
+                                                   status)) {
+                _mongocrypt_buffer_cleanup(&asBsonValue);
+                mc_TextSuffixTokenSet_cleanup(&tset);
+                goto fail;
             }
+            _mongocrypt_buffer_cleanup(&asBsonValue);
 
-            _mc_array_append_val(&payload.edgeTokenSetArray, etc);
+            if (appendCount > 1) {
+                mc_TextSuffixTokenSet_t tset_copy;
+                mc_TextSuffixTokenSet_shallow_copy(&tset, &tset_copy);
+                for (; appendCount > 1; appendCount--) {
+                    _mc_array_append_val(&tsts->suffixArray, tset_copy);
+                }
+            }
+            _mc_array_append_val(&tsts->suffixArray, tset); // array now owns tset
+        }
+    }
 
-            loop_ok = true;
-        fail_loop:
-            _mongocrypt_buffer_cleanup(&encryptedTokens);
-            _FLE2EncryptedPayloadCommon_cleanup(&edge_tokens);
-            _mongocrypt_buffer_cleanup(&edge_buf);
-            if (!loop_ok) {
+    // Generate array of prefix token sets
+    if (encodeSets->prefix_set) {
+        mc_affix_set_iter_t set_itr;
+        mc_affix_set_iter_init(&set_itr, encodeSets->prefix_set);
+
+        while (mc_affix_set_iter_next(&set_itr, &substring, &bytelen, &appendCount)) {
+            BSON_ASSERT(appendCount > 0);
+            BSON_ASSERT(bytelen < INT_MAX);
+
+            mc_TextPrefixTokenSet_t tset = {{0}};
+            mc_TextPrefixTokenSet_init(&tset);
+
+            _mongocrypt_buffer_t asBsonValue;
+            _mongocrypt_buffer_init(&asBsonValue);
+            _mongocrypt_buffer_copy_from_string_as_bson_value(&asBsonValue, substring, (int)bytelen);
+
+            if (!_fle2_generate_TextPrefixTokenSet(kb,
+                                                   &tset,
+                                                   &asBsonValue,
+                                                   contentionFactor,
+                                                   common.collectionsLevel1Token,
+                                                   common.serverTokenDerivationLevel1Token,
+                                                   status)) {
+                _mongocrypt_buffer_cleanup(&asBsonValue);
+                mc_TextPrefixTokenSet_cleanup(&tset);
                 goto fail;
             }
+            _mongocrypt_buffer_cleanup(&asBsonValue);
+
+            if (appendCount > 1) {
+                mc_TextPrefixTokenSet_t tset_copy;
+                mc_TextPrefixTokenSet_shallow_copy(&tset, &tset_copy);
+                for (; appendCount > 1; appendCount--) {
+                    _mc_array_append_val(&tsts->prefixArray, tset_copy); // array now owns tset_copy
+                }
+            }
+            _mc_array_append_val(&tsts->prefixArray, tset); // moves ownership of tset
         }
     }
+    payload->textSearchTokenSets.set = true;
+    res = true;
+fail:
+    _FLE2EncryptedPayloadCommon_cleanup(&common);
+    mc_str_encode_sets_destroy(encodeSets);
+    return res;
+}
 
-    // Include "range" payload fields introduced in SERVER-91889.
-    payload.sparsity = OPT_I64(placeholder->sparsity);
-    payload.precision = insertSpec.precision;
-    payload.trimFactor = OPT_I32(mc_edges_get_used_trimFactor(edges));
-    bson_value_copy(bson_iter_value(&insertSpec.min), &payload.indexMin);
-    bson_value_copy(bson_iter_value(&insertSpec.max), &payload.indexMax);
+static bool _fle2_generate_TextSearchFindTokenSets(_mongocrypt_key_broker_t *kb,
+                                                   mc_TextSearchFindTokenSets_t *out,
+                                                   const _mongocrypt_buffer_t *indexKeyId,
+                                                   const mc_FLE2TextSearchInsertSpec_t *spec,
+                                                   mongocrypt_status_t *status) {
+    BSON_ASSERT_PARAM(kb);
+    BSON_ASSERT_PARAM(kb->crypt);
+    BSON_ASSERT_PARAM(out);
+    BSON_ASSERT_PARAM(indexKeyId);
+    BSON_ASSERT_PARAM(spec);
 
-    {
-        bson_t out;
-        bson_init(&out);
-        mc_FLE2InsertUpdatePayloadV2_serializeForRange(&payload, &out, use_range_v2);
-        _mongocrypt_buffer_steal_from_bson(&ciphertext->data, &out);
+    _mongocrypt_crypto_t *crypto = kb->crypt->crypto;
+    _FLE2EncryptedPayloadCommon_t common = {{0}};
+    _mongocrypt_buffer_t asBsonValue = {0};
+    bool res = false;
+
+    int operator_count = (int)spec->substr.set + (int)spec->suffix.set + (int)spec->prefix.set;
+    if (operator_count > 1) {
+        CLIENT_ERR("Text search query specification cannot contain multiple query type specifications");
+        goto fail;
+    }
+
+    if (!mc_text_search_str_query(spec, &asBsonValue, status)) {
+        goto fail;
+    }
+
+    // Start the token derivations
+    if (!_get_tokenKey(kb, indexKeyId, &common.tokenKey, status)) {
+        goto fail;
+    }
+
+    common.collectionsLevel1Token = mc_CollectionsLevel1Token_new(crypto, &common.tokenKey, status);
+    if (!common.collectionsLevel1Token) {
+        CLIENT_ERR("unable to derive collectionLevel1Token");
+        goto fail;
     }
-    // Do not set ciphertext->original_bson_type and ciphertext->key_id. They are
-    // not used for FLE2InsertUpdatePayloadV2.
-    ciphertext->blob_subtype = MC_SUBTYPE_FLE2InsertUpdatePayloadV2;
 
+    common.serverTokenDerivationLevel1Token = mc_ServerTokenDerivationLevel1Token_new(crypto, &common.tokenKey, status);
+    if (!common.serverTokenDerivationLevel1Token) {
+        CLIENT_ERR("unable to derive serverTokenDerivationLevel1Token");
+        goto fail;
+    }
+
+    if (spec->substr.set) {
+        if (!_fle2_generate_TextSubstringFindTokenSet(kb,
+                                                      &out->substring.value,
+                                                      &asBsonValue,
+                                                      common.collectionsLevel1Token,
+                                                      common.serverTokenDerivationLevel1Token,
+                                                      status)) {
+            goto fail;
+        }
+        out->substring.set = true;
+    } else if (spec->suffix.set) {
+        if (!_fle2_generate_TextSuffixFindTokenSet(kb,
+                                                   &out->suffix.value,
+                                                   &asBsonValue,
+                                                   common.collectionsLevel1Token,
+                                                   common.serverTokenDerivationLevel1Token,
+                                                   status)) {
+            goto fail;
+        }
+        out->suffix.set = true;
+
+    } else if (spec->prefix.set) {
+        if (!_fle2_generate_TextPrefixFindTokenSet(kb,
+                                                   &out->prefix.value,
+                                                   &asBsonValue,
+                                                   common.collectionsLevel1Token,
+                                                   common.serverTokenDerivationLevel1Token,
+                                                   status)) {
+            goto fail;
+        }
+        out->prefix.set = true;
+    } else {
+        if (!_fle2_generate_TextExactFindTokenSet(kb,
+                                                  &out->exact.value,
+                                                  &asBsonValue,
+                                                  common.collectionsLevel1Token,
+                                                  common.serverTokenDerivationLevel1Token,
+                                                  status)) {
+            goto fail;
+        }
+        out->exact.set = true;
+    }
     res = true;
 fail:
-    mc_edges_destroy(edges);
-    mc_FLE2InsertUpdatePayloadV2_cleanup(&payload);
+    _mongocrypt_buffer_cleanup(&asBsonValue);
     _FLE2EncryptedPayloadCommon_cleanup(&common);
-
     return res;
 }
 
 /**
- * Payload subtype 5: FLE2FindEqualityPayload
+ * Payload subtype 11: FLE2InsertUpdatePayloadV2 for text search inserts/updates
  *
- * {d: EDC, s: ESC, c: ECC, e: serverToken, cm: maxContentionFactor}
+ * {v: value, u: indexKeyId, t: valueType, k: contentionFactor, e: serverToken,
+ *  b: { e: {d: EDC_exact, s: ESC_exact, l: svrDFDToken_exact, p: encToken_exact},
+ *       s: [{d: EDC_substr, s: ESC_substr, l: svrDFDToken_substr, p: encToken_substr}, ...]
+ *       u: [{d: EDC_suffix, s: ESC_suffix, l: svrDFDToken_suffix, p: encToken_suffix}, ...]
+ *       p: [{d: EDC_prefix, s: ESC_prefix, l: svrDFDToken_prefix, p: encToken_prefix}, ...]
+ *     },
+ *  d: bogusToken, s: bogusToken, l: bogusToken, p: bogusCiphertext
+ * }
  */
-static bool _mongocrypt_fle2_placeholder_to_find_ciphertext_v1(_mongocrypt_key_broker_t *kb,
-                                                               _mongocrypt_marking_t *marking,
-                                                               _mongocrypt_ciphertext_t *ciphertext,
-                                                               mongocrypt_status_t *status) {
+static bool _mongocrypt_fle2_placeholder_to_insert_update_ciphertextForTextSearch(_mongocrypt_key_broker_t *kb,
+                                                                                  _mongocrypt_marking_t *marking,
+                                                                                  _mongocrypt_ciphertext_t *ciphertext,
+                                                                                  mongocrypt_status_t *status) {
     BSON_ASSERT_PARAM(kb);
     BSON_ASSERT_PARAM(marking);
     BSON_ASSERT_PARAM(ciphertext);
+    BSON_ASSERT(kb->crypt);
+    BSON_ASSERT(marking->type == MONGOCRYPT_MARKING_FLE2_ENCRYPTION);
+
+    mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->u.fle2;
+    BSON_ASSERT(placeholder->type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT);
+    BSON_ASSERT(placeholder->algorithm == MONGOCRYPT_FLE2_ALGORITHM_TEXT_SEARCH);
 
     _FLE2EncryptedPayloadCommon_t common = {{0}};
+    mc_FLE2InsertUpdatePayloadV2_t payload;
+    mc_FLE2InsertUpdatePayloadV2_init(&payload);
+
     _mongocrypt_buffer_t value = {0};
-    mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->fle2;
-    mc_FLE2FindEqualityPayload_t payload;
     bool res = false;
 
-    BSON_ASSERT(kb->crypt->opts.use_fle2_v2 == false);
-    BSON_ASSERT(marking->type == MONGOCRYPT_MARKING_FLE2_ENCRYPTION);
-    BSON_ASSERT(placeholder->type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND);
-    _mongocrypt_buffer_init(&value);
-    mc_FLE2FindEqualityPayload_init(&payload);
+    mc_FLE2TextSearchInsertSpec_t insertSpec;
+    if (!mc_FLE2TextSearchInsertSpec_parse(&insertSpec, &placeholder->v_iter, status)) {
+        goto fail;
+    }
 
-    _mongocrypt_buffer_from_iter(&value, &placeholder->v_iter);
+    // One of substr/suffix/prefix must be set for inserts
+    if (!(insertSpec.substr.set || insertSpec.suffix.set || insertSpec.prefix.set)) {
+        CLIENT_ERR("FLE2TextSearchInsertSpec is missing a substring, suffix, or prefix index specification");
+        goto fail;
+    }
+
+    // t
+    payload.valueType = BSON_TYPE_UTF8;
+
+    // k
+    payload.contentionFactor = 0;
+    if (placeholder->maxContentionFactor > 0) {
+        /* Choose a random contentionFactor in the inclusive range [0,
+         * placeholder->maxContentionFactor] */
+        if (!_mongocrypt_random_int64(kb->crypt->crypto,
+                                      placeholder->maxContentionFactor + 1,
+                                      &payload.contentionFactor,
+                                      status)) {
+            goto fail;
+        }
+    }
+
+    // u
+    _mongocrypt_buffer_copy_to(&placeholder->index_key_id, &payload.indexKeyId);
 
+    _mongocrypt_buffer_from_iter(&value, &insertSpec.v_iter);
     if (!_mongocrypt_fle2_placeholder_common(kb,
                                              &common,
                                              &placeholder->index_key_id,
                                              &value,
-                                             false, /* derive tokens without contentionFactor */
-                                             placeholder->maxContentionFactor, /* ignored */
+                                             true, /* derive tokens using contentionFactor */
+                                             payload.contentionFactor,
                                              status)) {
         goto fail;
     }
 
-    // d := EDCDerivedToken
-    _mongocrypt_buffer_steal(&payload.edcDerivedToken, &common.edcDerivedToken);
-    // s := ESCDerivedToken
-    _mongocrypt_buffer_steal(&payload.escDerivedToken, &common.escDerivedToken);
-    // c := ECCDerivedToken
-    _mongocrypt_buffer_steal(&payload.eccDerivedToken, &common.eccDerivedToken);
+    // (d, s, l) are never used for text search, so just set these to bogus buffers of
+    // correct length.
+    BSON_ASSERT(_mongocrypt_buffer_steal_from_data_and_size(&payload.edcDerivedToken,
+                                                            bson_malloc0(MONGOCRYPT_HMAC_SHA256_LEN),
+                                                            MONGOCRYPT_HMAC_SHA256_LEN));
+    _mongocrypt_buffer_copy_to(&payload.edcDerivedToken, &payload.escDerivedToken);
+    _mongocrypt_buffer_copy_to(&payload.edcDerivedToken, &payload.serverDerivedFromDataToken);
+
+    // p := EncryptCTR(ECOCToken, ESCDerivedFromDataTokenAndContentionFactor)
+    // Since p is never used for text search, this just sets p to a bogus ciphertext of
+    // the correct length.
+    if (!_fle2_derive_encrypted_token(kb->crypt->crypto,
+                                      &payload.encryptedTokens,
+                                      false,
+                                      common.collectionsLevel1Token,
+                                      &payload.escDerivedToken, // bogus
+                                      NULL,                     // unused in FLE2v2
+                                      (mc_optional_bool_t){0},
+                                      status)) {
+        goto fail;
+    }
 
+    // v := UserKeyId + EncryptCBCAEAD(UserKey, value)
+    {
+        _mongocrypt_buffer_t ciphertext = {0};
+        if (!_fle2_placeholder_aes_aead_encrypt(kb,
+                                                _mcFLE2v2AEADAlgorithm(),
+                                                &ciphertext,
+                                                &placeholder->user_key_id,
+                                                &value,
+                                                status)) {
+            goto fail;
+        }
+        const _mongocrypt_buffer_t v[2] = {placeholder->user_key_id, ciphertext};
+        const bool ok = _mongocrypt_buffer_concat(&payload.value, v, 2);
+        _mongocrypt_buffer_cleanup(&ciphertext);
+        if (!ok) {
+            goto fail;
+        }
+    }
     // e := ServerDataEncryptionLevel1Token
     _mongocrypt_buffer_copy_to(mc_ServerDataEncryptionLevel1Token_get(common.serverDataEncryptionLevel1Token),
                                &payload.serverEncryptionToken);
 
-    payload.maxContentionFactor = placeholder->maxContentionFactor;
+    // b
+    if (!_fle2_generate_TextSearchTokenSets(kb,
+                                            &payload,
+                                            &placeholder->index_key_id,
+                                            &insertSpec,
+                                            payload.contentionFactor,
+                                            status)) {
+        goto fail;
+    }
 
     {
         bson_t out;
         bson_init(&out);
-        mc_FLE2FindEqualityPayload_serialize(&payload, &out);
+        mc_FLE2InsertUpdatePayloadV2_serializeForTextSearch(&payload, &out);
         _mongocrypt_buffer_steal_from_bson(&ciphertext->data, &out);
     }
     // Do not set ciphertext->original_bson_type and ciphertext->key_id. They are
-    // not used for FLE2FindEqualityPayload.
-    ciphertext->blob_subtype = MC_SUBTYPE_FLE2FindEqualityPayload;
+    // not used for FLE2InsertUpdatePayloadV2.
+    ciphertext->blob_subtype = MC_SUBTYPE_FLE2InsertUpdatePayloadV2;
 
     res = true;
 fail:
-    mc_FLE2FindEqualityPayload_cleanup(&payload);
+    mc_FLE2InsertUpdatePayloadV2_cleanup(&payload);
     _mongocrypt_buffer_cleanup(&value);
     _FLE2EncryptedPayloadCommon_cleanup(&common);
-
     return res;
 }
 
 /**
  * Payload subtype 12: FLE2FindEqualityPayloadV2
- * Delegates to ..._find_ciphertext_v1 when crypt->opts.use_fle2_v2 == false.
  *
  * {d: EDC, s: ESC, l: serverDerivedFromDataToken, cm: maxContentionFactor}
  */
@@ -1337,13 +1620,9 @@ static bool _mongocrypt_fle2_placeholder_to_find_ciphertext(_mongocrypt_key_brok
     BSON_ASSERT_PARAM(marking);
     BSON_ASSERT_PARAM(ciphertext);
 
-    if (kb->crypt->opts.use_fle2_v2 == false) {
-        return _mongocrypt_fle2_placeholder_to_find_ciphertext_v1(kb, marking, ciphertext, status);
-    }
-
     _FLE2EncryptedPayloadCommon_t common = {{0}};
     _mongocrypt_buffer_t value = {0};
-    mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->fle2;
+    mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->u.fle2;
     mc_FLE2FindEqualityPayloadV2_t payload;
     bool res = false;
 
@@ -1401,10 +1680,8 @@ static bool isInfinite(bson_iter_t *iter) {
 
 // mc_get_mincover_from_FLE2RangeFindSpec creates and returns a mincover from an
 // FLE2RangeFindSpec. Returns NULL on error.
-mc_mincover_t *mc_get_mincover_from_FLE2RangeFindSpec(mc_FLE2RangeFindSpec_t *findSpec,
-                                                      size_t sparsity,
-                                                      mongocrypt_status_t *status,
-                                                      bool use_range_v2) {
+mc_mincover_t *
+mc_get_mincover_from_FLE2RangeFindSpec(mc_FLE2RangeFindSpec_t *findSpec, size_t sparsity, mongocrypt_status_t *status) {
     BSON_ASSERT_PARAM(findSpec);
     BSON_ASSERT(findSpec->edgesInfo.set);
 
@@ -1465,8 +1742,7 @@ mc_mincover_t *mc_get_mincover_from_FLE2RangeFindSpec(mc_FLE2RangeFindSpec_t *fi
                                          .max = OPT_I32(bson_iter_int32(&findSpec->edgesInfo.value.indexMax)),
                                          .sparsity = sparsity,
                                          .trimFactor = findSpec->edgesInfo.value.trimFactor},
-            status,
-            use_range_v2);
+            status);
 
     case BSON_TYPE_INT64:
         BSON_ASSERT(bson_iter_type(&lowerBound) == BSON_TYPE_INT64);
@@ -1482,8 +1758,7 @@ mc_mincover_t *mc_get_mincover_from_FLE2RangeFindSpec(mc_FLE2RangeFindSpec_t *fi
                                          .max = OPT_I64(bson_iter_int64(&findSpec->edgesInfo.value.indexMax)),
                                          .sparsity = sparsity,
                                          .trimFactor = findSpec->edgesInfo.value.trimFactor},
-            status,
-            use_range_v2);
+            status);
     case BSON_TYPE_DATE_TIME:
         BSON_ASSERT(bson_iter_type(&lowerBound) == BSON_TYPE_DATE_TIME);
         BSON_ASSERT(bson_iter_type(&upperBound) == BSON_TYPE_DATE_TIME);
@@ -1498,8 +1773,7 @@ mc_mincover_t *mc_get_mincover_from_FLE2RangeFindSpec(mc_FLE2RangeFindSpec_t *fi
                                          .max = OPT_I64(bson_iter_date_time(&findSpec->edgesInfo.value.indexMax)),
                                          .sparsity = sparsity,
                                          .trimFactor = findSpec->edgesInfo.value.trimFactor},
-            status,
-            use_range_v2);
+            status);
     case BSON_TYPE_DOUBLE: {
         BSON_ASSERT(bson_iter_type(&lowerBound) == BSON_TYPE_DOUBLE);
         BSON_ASSERT(bson_iter_type(&upperBound) == BSON_TYPE_DOUBLE);
@@ -1520,10 +1794,10 @@ mc_mincover_t *mc_get_mincover_from_FLE2RangeFindSpec(mc_FLE2RangeFindSpec_t *fi
             args.max = OPT_DOUBLE(bson_iter_double(&findSpec->edgesInfo.value.indexMax));
             args.precision = findSpec->edgesInfo.value.precision;
         }
-        return mc_getMincoverDouble(args, status, use_range_v2);
+        return mc_getMincoverDouble(args, status);
     }
     case BSON_TYPE_DECIMAL128: {
-#if MONGOCRYPT_HAVE_DECIMAL128_SUPPORT
+#if MONGOCRYPT_HAVE_DECIMAL128_SUPPORT()
         BSON_ASSERT(bson_iter_type(&lowerBound) == BSON_TYPE_DECIMAL128);
         BSON_ASSERT(bson_iter_type(&upperBound) == BSON_TYPE_DECIMAL128);
         BSON_ASSERT(bson_iter_type(&findSpec->edgesInfo.value.indexMin) == BSON_TYPE_DECIMAL128);
@@ -1540,7 +1814,7 @@ mc_mincover_t *mc_get_mincover_from_FLE2RangeFindSpec(mc_FLE2RangeFindSpec_t *fi
             args.max = OPT_MC_DEC128(mc_dec128_from_bson_iter(&findSpec->edgesInfo.value.indexMax));
             args.precision = findSpec->edgesInfo.value.precision;
         }
-        return mc_getMincoverDecimal128(args, status, use_range_v2);
+        return mc_getMincoverDecimal128(args, status);
 #else // ↑↑↑↑↑↑↑↑ With Decimal128 / Without ↓↓↓↓↓↓↓↓↓↓
         CLIENT_ERR("FLE2 find is not supported for Decimal128: libmongocrypt "
                    "was built without Decimal128 support");
@@ -1570,39 +1844,35 @@ mc_mincover_t *mc_get_mincover_from_FLE2RangeFindSpec(mc_FLE2RangeFindSpec_t *fi
 }
 
 /**
- * Payload subtype 10: FLE2FindRangePayload
+ * Payload subtype 13: FLE2FindRangePayloadV2
  *
- * {e: serverToken, cm: maxContentionFactor,
- *  g: [{d: EDC, s: ESC, c: ECC}, ...]}
+ * {cm: maxContentionFactor,
+ *  g: [{d: EDC, s: ESC, l: serverDerivedFromDataToken}, ...]}
  */
-static bool _mongocrypt_fle2_placeholder_to_find_ciphertextForRange_v1(_mongocrypt_key_broker_t *kb,
-                                                                       _mongocrypt_marking_t *marking,
-                                                                       _mongocrypt_ciphertext_t *ciphertext,
-                                                                       mongocrypt_status_t *status) {
+static bool _mongocrypt_fle2_placeholder_to_find_ciphertextForRange(_mongocrypt_key_broker_t *kb,
+                                                                    _mongocrypt_marking_t *marking,
+                                                                    _mongocrypt_ciphertext_t *ciphertext,
+                                                                    mongocrypt_status_t *status) {
     BSON_ASSERT_PARAM(kb);
     BSON_ASSERT_PARAM(marking);
     BSON_ASSERT_PARAM(ciphertext);
-    BSON_ASSERT(kb->crypt);
 
-    const bool use_range_v2 = kb->crypt->opts.use_range_v2;
-    _mongocrypt_crypto_t *crypto = kb->crypt->crypto;
-    mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->fle2;
-    mc_FLE2FindRangePayload_t payload;
+    mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->u.fle2;
+    mc_FLE2FindRangePayloadV2_t payload;
     bool res = false;
     mc_mincover_t *mincover = NULL;
     _mongocrypt_buffer_t tokenKey = {0};
 
-    BSON_ASSERT(kb->crypt->opts.use_fle2_v2 == false);
     BSON_ASSERT(marking->type == MONGOCRYPT_MARKING_FLE2_ENCRYPTION);
     BSON_ASSERT(placeholder);
     BSON_ASSERT(placeholder->type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND);
     BSON_ASSERT(placeholder->algorithm == MONGOCRYPT_FLE2_ALGORITHM_RANGE);
-    mc_FLE2FindRangePayload_init(&payload);
+    mc_FLE2FindRangePayloadV2_init(&payload);
 
     // Parse the query bounds and index bounds from FLE2EncryptionPlaceholder for
     // range find.
     mc_FLE2RangeFindSpec_t findSpec;
-    if (!mc_FLE2RangeFindSpec_parse(&findSpec, &placeholder->v_iter, use_range_v2, status)) {
+    if (!mc_FLE2RangeFindSpec_parse(&findSpec, &placeholder->v_iter, status)) {
         goto fail;
     }
 
@@ -1610,27 +1880,10 @@ static bool _mongocrypt_fle2_placeholder_to_find_ciphertextForRange_v1(_mongocry
         // cm := Queryable Encryption max contentionFactor
         payload.payload.value.maxContentionFactor = placeholder->maxContentionFactor;
 
-        // e := ServerDataEncryptionLevel1Token
-        {
-            if (!_get_tokenKey(kb, &placeholder->index_key_id, &tokenKey, status)) {
-                goto fail;
-            }
-
-            mc_ServerDataEncryptionLevel1Token_t *serverToken =
-                mc_ServerDataEncryptionLevel1Token_new(crypto, &tokenKey, status);
-            if (!serverToken) {
-                goto fail;
-            }
-            _mongocrypt_buffer_copy_to(mc_ServerDataEncryptionLevel1Token_get(serverToken),
-                                       &payload.payload.value.serverEncryptionToken);
-            mc_ServerDataEncryptionLevel1Token_destroy(serverToken);
-        }
-
         // g:= array<EdgeFindTokenSet>
         {
             BSON_ASSERT(placeholder->sparsity >= 0 && (uint64_t)placeholder->sparsity <= (uint64_t)SIZE_MAX);
-            mincover =
-                mc_get_mincover_from_FLE2RangeFindSpec(&findSpec, (size_t)placeholder->sparsity, status, use_range_v2);
+            mincover = mc_get_mincover_from_FLE2RangeFindSpec(&findSpec, (size_t)placeholder->sparsity, status);
             if (!mincover) {
                 goto fail;
             }
@@ -1641,7 +1894,7 @@ static bool _mongocrypt_fle2_placeholder_to_find_ciphertextForRange_v1(_mongocry
                 const char *edge = mc_mincover_get(mincover, i);
                 _mongocrypt_buffer_t edge_buf = {0};
                 _FLE2EncryptedPayloadCommon_t edge_tokens = {{0}};
-                mc_EdgeFindTokenSet_t eftc = {{0}};
+                mc_EdgeFindTokenSetV2_t eftc = {{0}};
 
                 if (!_mongocrypt_buffer_from_string(&edge_buf, edge)) {
                     CLIENT_ERR("failed to copy edge to buffer");
@@ -1652,7 +1905,7 @@ static bool _mongocrypt_fle2_placeholder_to_find_ciphertextForRange_v1(_mongocry
                                                          &edge_tokens,
                                                          &placeholder->index_key_id,
                                                          &edge_buf,
-                                                         false, /* derive tokens using contentionFactor */
+                                                         false, /* derive tokens without using contentionFactor */
                                                          placeholder->maxContentionFactor, /* ignored */
                                                          status)) {
                     goto fail_loop;
@@ -1662,8 +1915,9 @@ static bool _mongocrypt_fle2_placeholder_to_find_ciphertextForRange_v1(_mongocry
                 _mongocrypt_buffer_steal(&eftc.edcDerivedToken, &edge_tokens.edcDerivedToken);
                 // s := ESCDerivedToken
                 _mongocrypt_buffer_steal(&eftc.escDerivedToken, &edge_tokens.escDerivedToken);
-                // c := ECCDerivedToken
-                _mongocrypt_buffer_steal(&eftc.eccDerivedToken, &edge_tokens.eccDerivedToken);
+
+                // l := serverDerivedFromDataToken
+                _mongocrypt_buffer_steal(&eftc.serverDerivedFromDataToken, &edge_tokens.serverDerivedFromDataToken);
 
                 _mc_array_append_val(&payload.payload.value.edgeFindTokenSetArray, eftc);
 
@@ -1677,6 +1931,13 @@ static bool _mongocrypt_fle2_placeholder_to_find_ciphertextForRange_v1(_mongocry
             }
         }
         payload.payload.set = true;
+
+        // Include "range" payload fields introduced in SERVER-91889.
+        payload.sparsity = OPT_I64(placeholder->sparsity);
+        payload.precision = findSpec.edgesInfo.value.precision;
+        payload.trimFactor = OPT_I32(mc_mincover_get_used_trimFactor(mincover));
+        bson_value_copy(bson_iter_value(&findSpec.edgesInfo.value.indexMin), &payload.indexMin);
+        bson_value_copy(bson_iter_value(&findSpec.edgesInfo.value.indexMax), &payload.indexMax);
     }
 
     payload.payloadId = findSpec.payloadId;
@@ -1686,153 +1947,80 @@ static bool _mongocrypt_fle2_placeholder_to_find_ciphertextForRange_v1(_mongocry
     // Serialize.
     {
         bson_t out = BSON_INITIALIZER;
-        mc_FLE2FindRangePayload_serialize(&payload, &out);
+        mc_FLE2FindRangePayloadV2_serialize(&payload, &out);
         _mongocrypt_buffer_steal_from_bson(&ciphertext->data, &out);
     }
     _mongocrypt_buffer_steal(&ciphertext->key_id, &placeholder->index_key_id);
 
     // Do not set ciphertext->original_bson_type and ciphertext->key_id. They are
-    // not used for FLE2FindRangePayload.
-    ciphertext->blob_subtype = MC_SUBTYPE_FLE2FindRangePayload;
+    // not used for FLE2FindRangePayloadV2.
+    ciphertext->blob_subtype = MC_SUBTYPE_FLE2FindRangePayloadV2;
 
     res = true;
 fail:
     mc_mincover_destroy(mincover);
-    mc_FLE2FindRangePayload_cleanup(&payload);
+    mc_FLE2FindRangePayloadV2_cleanup(&payload);
     _mongocrypt_buffer_cleanup(&tokenKey);
 
     return res;
 }
 
-/**
- * Payload subtype 13: FLE2FindRangePayloadV2
- * Delegates to ..._find_ciphertextForRange_v1
- *   when crypt->opts.use_fle2_v2 is false
- *
- * {cm: maxContentionFactor,
- *  g: [{d: EDC, s: ESC, l: serverDerivedFromDataToken}, ...]}
- */
-static bool _mongocrypt_fle2_placeholder_to_find_ciphertextForRange(_mongocrypt_key_broker_t *kb,
-                                                                    _mongocrypt_marking_t *marking,
-                                                                    _mongocrypt_ciphertext_t *ciphertext,
-                                                                    mongocrypt_status_t *status) {
+static bool _mongocrypt_fle2_placeholder_to_find_ciphertextForTextSearch(_mongocrypt_key_broker_t *kb,
+                                                                         _mongocrypt_marking_t *marking,
+                                                                         _mongocrypt_ciphertext_t *ciphertext,
+                                                                         mongocrypt_status_t *status) {
     BSON_ASSERT_PARAM(kb);
     BSON_ASSERT_PARAM(marking);
     BSON_ASSERT_PARAM(ciphertext);
+    BSON_ASSERT(kb->crypt);
+    BSON_ASSERT(marking->type == MONGOCRYPT_MARKING_FLE2_ENCRYPTION);
 
-    if (kb->crypt->opts.use_fle2_v2 == false) {
-        return _mongocrypt_fle2_placeholder_to_find_ciphertextForRange_v1(kb, marking, ciphertext, status);
-    }
-
-    const bool use_range_v2 = kb->crypt->opts.use_range_v2;
-    mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->fle2;
-    mc_FLE2FindRangePayloadV2_t payload;
     bool res = false;
-    mc_mincover_t *mincover = NULL;
-    _mongocrypt_buffer_t tokenKey = {0};
-
-    BSON_ASSERT(marking->type == MONGOCRYPT_MARKING_FLE2_ENCRYPTION);
-    BSON_ASSERT(placeholder);
+    mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->u.fle2;
     BSON_ASSERT(placeholder->type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND);
-    BSON_ASSERT(placeholder->algorithm == MONGOCRYPT_FLE2_ALGORITHM_RANGE);
-    mc_FLE2FindRangePayloadV2_init(&payload);
+    BSON_ASSERT(placeholder->algorithm == MONGOCRYPT_FLE2_ALGORITHM_TEXT_SEARCH);
 
-    // Parse the query bounds and index bounds from FLE2EncryptionPlaceholder for
-    // range find.
-    mc_FLE2RangeFindSpec_t findSpec;
-    if (!mc_FLE2RangeFindSpec_parse(&findSpec, &placeholder->v_iter, use_range_v2, status)) {
+    mc_FLE2FindTextPayload_t payload;
+    mc_FLE2FindTextPayload_init(&payload);
+
+    mc_FLE2TextSearchInsertSpec_t spec;
+    if (!mc_FLE2TextSearchInsertSpec_parse(&spec, &placeholder->v_iter, status)) {
         goto fail;
     }
 
-    if (findSpec.edgesInfo.set) {
-        // cm := Queryable Encryption max contentionFactor
-        payload.payload.value.maxContentionFactor = placeholder->maxContentionFactor;
-
-        // g:= array<EdgeFindTokenSet>
-        {
-            BSON_ASSERT(placeholder->sparsity >= 0 && (uint64_t)placeholder->sparsity <= (uint64_t)SIZE_MAX);
-            mincover =
-                mc_get_mincover_from_FLE2RangeFindSpec(&findSpec, (size_t)placeholder->sparsity, status, use_range_v2);
-            if (!mincover) {
-                goto fail;
-            }
-
-            for (size_t i = 0; i < mc_mincover_len(mincover); i++) {
-                // Create a EdgeFindTokenSet from each edge.
-                bool loop_ok = false;
-                const char *edge = mc_mincover_get(mincover, i);
-                _mongocrypt_buffer_t edge_buf = {0};
-                _FLE2EncryptedPayloadCommon_t edge_tokens = {{0}};
-                mc_EdgeFindTokenSetV2_t eftc = {{0}};
-
-                if (!_mongocrypt_buffer_from_string(&edge_buf, edge)) {
-                    CLIENT_ERR("failed to copy edge to buffer");
-                    goto fail_loop;
-                }
-
-                if (!_mongocrypt_fle2_placeholder_common(kb,
-                                                         &edge_tokens,
-                                                         &placeholder->index_key_id,
-                                                         &edge_buf,
-                                                         false, /* derive tokens without using contentionFactor */
-                                                         placeholder->maxContentionFactor, /* ignored */
-                                                         status)) {
-                    goto fail_loop;
-                }
-
-                // d := EDCDerivedToken
-                _mongocrypt_buffer_steal(&eftc.edcDerivedToken, &edge_tokens.edcDerivedToken);
-                // s := ESCDerivedToken
-                _mongocrypt_buffer_steal(&eftc.escDerivedToken, &edge_tokens.escDerivedToken);
-
-                // l := serverDerivedFromDataToken
-                _mongocrypt_buffer_steal(&eftc.serverDerivedFromDataToken, &edge_tokens.serverDerivedFromDataToken);
-
-                _mc_array_append_val(&payload.payload.value.edgeFindTokenSetArray, eftc);
-
-                loop_ok = true;
-            fail_loop:
-                _FLE2EncryptedPayloadCommon_cleanup(&edge_tokens);
-                _mongocrypt_buffer_cleanup(&edge_buf);
-                if (!loop_ok) {
-                    goto fail;
-                }
-            }
-        }
-        payload.payload.set = true;
-
-        if (use_range_v2) {
-            // Include "range" payload fields introduced in SERVER-91889.
-            payload.sparsity = OPT_I64(placeholder->sparsity);
-            payload.precision = findSpec.edgesInfo.value.precision;
-            payload.trimFactor = OPT_I32(mc_mincover_get_used_trimFactor(mincover));
-            bson_value_copy(bson_iter_value(&findSpec.edgesInfo.value.indexMin), &payload.indexMin);
-            bson_value_copy(bson_iter_value(&findSpec.edgesInfo.value.indexMax), &payload.indexMax);
-        }
+    if (!_fle2_generate_TextSearchFindTokenSets(kb, &payload.tokenSets, &placeholder->index_key_id, &spec, status)) {
+        goto fail;
     }
 
-    payload.payloadId = findSpec.payloadId;
-    payload.firstOperator = findSpec.firstOperator;
-    payload.secondOperator = findSpec.secondOperator;
+    payload.caseFold = spec.casef;
+    payload.diacriticFold = spec.diacf;
+    payload.maxContentionFactor = placeholder->maxContentionFactor;
+    if (spec.substr.set) {
+        payload.substringSpec.set = true;
+        payload.substringSpec.value = spec.substr.value;
+    } else if (spec.suffix.set) {
+        payload.suffixSpec.set = true;
+        payload.suffixSpec.value = spec.suffix.value;
+    } else if (spec.prefix.set) {
+        payload.prefixSpec.set = true;
+        payload.prefixSpec.value = spec.prefix.value;
+    }
 
     // Serialize.
     {
         bson_t out = BSON_INITIALIZER;
-        mc_FLE2FindRangePayloadV2_serialize(&payload, &out, use_range_v2);
+        mc_FLE2FindTextPayload_serialize(&payload, &out);
         _mongocrypt_buffer_steal_from_bson(&ciphertext->data, &out);
     }
-    _mongocrypt_buffer_steal(&ciphertext->key_id, &placeholder->index_key_id);
 
     // Do not set ciphertext->original_bson_type and ciphertext->key_id. They are
-    // not used for FLE2FindRangePayloadV2.
-    ciphertext->blob_subtype = MC_SUBTYPE_FLE2FindRangePayloadV2;
+    // not used for FLE2FindTextPayload.
+    ciphertext->blob_subtype = MC_SUBTYPE_FLE2FindTextPayload;
 
     res = true;
-fail:
-    mc_mincover_destroy(mincover);
-    mc_FLE2FindRangePayloadV2_cleanup(&payload);
-    _mongocrypt_buffer_cleanup(&tokenKey);
 
+fail:
+    mc_FLE2FindTextPayload_cleanup(&payload);
     return res;
 }
 
@@ -1845,7 +2033,7 @@ static bool _mongocrypt_fle2_placeholder_to_FLE2UnindexedEncryptedValue(_mongocr
     BSON_ASSERT_PARAM(ciphertext);
 
     _mongocrypt_buffer_t plaintext = {0};
-    mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->fle2;
+    mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->u.fle2;
     _mongocrypt_buffer_t user_key = {0};
     bool res = false;
 
@@ -1860,25 +2048,14 @@ static bool _mongocrypt_fle2_placeholder_to_FLE2UnindexedEncryptedValue(_mongocr
     }
 
     BSON_ASSERT(kb->crypt);
-    if (kb->crypt->opts.use_fle2_v2) {
-        res = mc_FLE2UnindexedEncryptedValueV2_encrypt(kb->crypt->crypto,
-                                                       &placeholder->user_key_id,
-                                                       bson_iter_type(&placeholder->v_iter),
-                                                       &plaintext,
-                                                       &user_key,
-                                                       &ciphertext->data,
-                                                       status);
-        ciphertext->blob_subtype = MC_SUBTYPE_FLE2UnindexedEncryptedValueV2;
-    } else {
-        res = mc_FLE2UnindexedEncryptedValue_encrypt(kb->crypt->crypto,
-                                                     &placeholder->user_key_id,
-                                                     bson_iter_type(&placeholder->v_iter),
-                                                     &plaintext,
-                                                     &user_key,
-                                                     &ciphertext->data,
-                                                     status);
-        ciphertext->blob_subtype = MC_SUBTYPE_FLE2UnindexedEncryptedValue;
-    }
+    res = mc_FLE2UnindexedEncryptedValueV2_encrypt(kb->crypt->crypto,
+                                                   &placeholder->user_key_id,
+                                                   bson_iter_type(&placeholder->v_iter),
+                                                   &plaintext,
+                                                   &user_key,
+                                                   &ciphertext->data,
+                                                   status);
+    ciphertext->blob_subtype = MC_SUBTYPE_FLE2UnindexedEncryptedValueV2;
 
     if (!res) {
         goto fail;
@@ -1922,12 +2099,13 @@ static bool _mongocrypt_fle1_marking_to_ciphertext(_mongocrypt_key_broker_t *kb,
     _mongocrypt_buffer_init(&key_id);
     _mongocrypt_buffer_init(&key_material);
 
-    /* Get the decrypted key for this marking. */
+    /* Get the decrypted key for this marking.u.fle1. */
     if (marking->type == MONGOCRYPT_MARKING_FLE1_BY_ALTNAME) {
-        key_found = _mongocrypt_key_broker_decrypted_key_by_name(kb, &marking->key_alt_name, &key_material, &key_id);
-    } else if (!_mongocrypt_buffer_empty(&marking->key_id)) {
-        key_found = _mongocrypt_key_broker_decrypted_key_by_id(kb, &marking->key_id, &key_material);
-        _mongocrypt_buffer_copy_to(&marking->key_id, &key_id);
+        key_found =
+            _mongocrypt_key_broker_decrypted_key_by_name(kb, &marking->u.fle1.key_alt_name, &key_material, &key_id);
+    } else if (!_mongocrypt_buffer_empty(&marking->u.fle1.key_id)) {
+        key_found = _mongocrypt_key_broker_decrypted_key_by_id(kb, &marking->u.fle1.key_id, &key_material);
+        _mongocrypt_buffer_copy_to(&marking->u.fle1.key_id, &key_id);
     } else {
         CLIENT_ERR("marking must have either key_id or key_alt_name");
         goto fail;
@@ -1938,11 +2116,11 @@ static bool _mongocrypt_fle1_marking_to_ciphertext(_mongocrypt_key_broker_t *kb,
         goto fail;
     }
 
-    ciphertext->original_bson_type = (uint8_t)bson_iter_type(&marking->v_iter);
-    if (marking->algorithm == MONGOCRYPT_ENCRYPTION_ALGORITHM_DETERMINISTIC) {
+    ciphertext->original_bson_type = (uint8_t)bson_iter_type(&marking->u.fle1.v_iter);
+    if (marking->u.fle1.algorithm == MONGOCRYPT_ENCRYPTION_ALGORITHM_DETERMINISTIC) {
         ciphertext->blob_subtype = MC_SUBTYPE_FLE1DeterministicEncryptedValue;
     } else {
-        BSON_ASSERT(marking->algorithm == MONGOCRYPT_ENCRYPTION_ALGORITHM_RANDOM);
+        BSON_ASSERT(marking->u.fle1.algorithm == MONGOCRYPT_ENCRYPTION_ALGORITHM_RANDOM);
         ciphertext->blob_subtype = MC_SUBTYPE_FLE1RandomEncryptedValue;
     }
     _mongocrypt_buffer_copy_to(&key_id, &ciphertext->key_id);
@@ -1951,7 +2129,7 @@ static bool _mongocrypt_fle1_marking_to_ciphertext(_mongocrypt_key_broker_t *kb,
         goto fail;
     }
 
-    _mongocrypt_buffer_from_iter(&plaintext, &marking->v_iter);
+    _mongocrypt_buffer_from_iter(&plaintext, &marking->u.fle1.v_iter);
     ciphertext->data.len = fle1->get_ciphertext_len(plaintext.len, status);
     if (ciphertext->data.len == 0) {
         goto fail;
@@ -1962,7 +2140,7 @@ static bool _mongocrypt_fle1_marking_to_ciphertext(_mongocrypt_key_broker_t *kb,
     ciphertext->data.owned = true;
 
     BSON_ASSERT(kb->crypt);
-    switch (marking->algorithm) {
+    switch (marking->u.fle1.algorithm) {
     case MONGOCRYPT_ENCRYPTION_ALGORITHM_DETERMINISTIC:
         /* Use deterministic encryption. */
         _mongocrypt_buffer_resize(&iv, MONGOCRYPT_IV_LEN);
@@ -2037,11 +2215,11 @@ bool _mongocrypt_marking_to_ciphertext(void *ctx,
 
     switch (marking->type) {
     case MONGOCRYPT_MARKING_FLE2_ENCRYPTION:
-        switch (marking->fle2.algorithm) {
+        switch (marking->u.fle2.algorithm) {
         case MONGOCRYPT_FLE2_ALGORITHM_UNINDEXED:
             return _mongocrypt_fle2_placeholder_to_FLE2UnindexedEncryptedValue(kb, marking, ciphertext, status);
         case MONGOCRYPT_FLE2_ALGORITHM_RANGE:
-            switch (marking->fle2.type) {
+            switch (marking->u.fle2.type) {
             case MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT:
                 return _mongocrypt_fle2_placeholder_to_insert_update_ciphertextForRange(kb,
                                                                                         marking,
@@ -2049,17 +2227,28 @@ bool _mongocrypt_marking_to_ciphertext(void *ctx,
                                                                                         status);
             case MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND:
                 return _mongocrypt_fle2_placeholder_to_find_ciphertextForRange(kb, marking, ciphertext, status);
-            default: CLIENT_ERR("unexpected fle2 type: %d", (int)marking->fle2.type); return false;
+            default: CLIENT_ERR("unexpected fle2 type: %d", (int)marking->u.fle2.type); return false;
             }
         case MONGOCRYPT_FLE2_ALGORITHM_EQUALITY:
-            switch (marking->fle2.type) {
+            switch (marking->u.fle2.type) {
             case MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT:
                 return _mongocrypt_fle2_placeholder_to_insert_update_ciphertext(kb, marking, ciphertext, status);
             case MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND:
                 return _mongocrypt_fle2_placeholder_to_find_ciphertext(kb, marking, ciphertext, status);
-            default: CLIENT_ERR("unexpected fle2 type: %d", (int)marking->fle2.type); return false;
+            default: CLIENT_ERR("unexpected fle2 type: %d", (int)marking->u.fle2.type); return false;
+            }
+        case MONGOCRYPT_FLE2_ALGORITHM_TEXT_SEARCH:
+            switch (marking->u.fle2.type) {
+            case MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT:
+                return _mongocrypt_fle2_placeholder_to_insert_update_ciphertextForTextSearch(kb,
+                                                                                             marking,
+                                                                                             ciphertext,
+                                                                                             status);
+            case MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND:
+                return _mongocrypt_fle2_placeholder_to_find_ciphertextForTextSearch(kb, marking, ciphertext, status);
+            default: CLIENT_ERR("unexpected fle2 type: %d", (int)marking->u.fle2.type); return false;
             }
-        default: CLIENT_ERR("unexpected algorithm: %d", (int)marking->algorithm); return false;
+        default: CLIENT_ERR("unexpected algorithm: %d", (int)marking->u.fle1.algorithm); return false;
         }
     case MONGOCRYPT_MARKING_FLE1_BY_ID:
     case MONGOCRYPT_MARKING_FLE1_BY_ALTNAME: